From 3b88dd46ee24e144bfda3babede40c3f4990da65 Mon Sep 17 00:00:00 2001
From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Date: Mon, 18 Jul 2022 17:11:54 -0400
Subject: [PATCH] feat: publish cloud networksecurity v1 (#183)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* feat: publish cloud networksecurity v1

PiperOrigin-RevId: 460770654

Source-Link: https://github.com/googleapis/googleapis/commit/e7edbb9c32ae1e23a94864fc2b838d36ec7210da

Source-Link: https://github.com/googleapis/googleapis-gen/commit/1b72bc7f710504bae0e3e6ce6b31bf636a6d2ddd
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMWI3MmJjN2Y3MTA1MDRiYWUwZTNlNmNlNmIzMWJmNjM2YTZkMmRkZCJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* fix: Remove iam dependency

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
---
 .../google-cloud-network-security-bom/pom.xml |   10 +
 .../google-cloud-network-security/pom.xml     |    9 +
 .../v1/NetworkSecurityClient.java             | 2525 +++++
 .../v1/NetworkSecuritySettings.java           |  505 +
 .../networksecurity/v1/gapic_metadata.json    |   63 +
 .../networksecurity/v1/package-info.java      |   40 +
 .../GrpcNetworkSecurityCallableFactory.java   |  113 +
 .../v1/stub/GrpcNetworkSecurityStub.java      |  860 ++
 .../v1/stub/NetworkSecurityStub.java          |  207 +
 .../v1/stub/NetworkSecurityStubSettings.java  | 1372 +++
 .../v1/MockNetworkSecurity.java               |   59 +
 .../v1/MockNetworkSecurityImpl.java           |  379 +
 .../v1/NetworkSecurityClientTest.java         | 1463 +++
 .../pom.xml                                   |   69 +
 .../v1/NetworkSecurityGrpc.java               | 2088 ++++
 java-network-security/pom.xml                 |   12 +
 .../clirr-ignored-differences.xml             |   19 +
 .../pom.xml                                   |   42 +
 .../v1/AuthorizationPolicy.java               | 9033 +++++++++++++++++
 .../v1/AuthorizationPolicyName.java           |  232 +
 .../v1/AuthorizationPolicyOrBuilder.java      |  321 +
 .../v1/AuthorizationPolicyProto.java          |  283 +
 .../v1/CertificateProvider.java               | 1225 +++
 .../v1/CertificateProviderInstance.java       |  666 ++
 .../CertificateProviderInstanceOrBuilder.java |   54 +
 .../v1/CertificateProviderOrBuilder.java      |  113 +
 .../networksecurity/v1/ClientTlsPolicy.java   | 2842 ++++++
 .../v1/ClientTlsPolicyName.java               |  227 +
 .../v1/ClientTlsPolicyOrBuilder.java          |  356 +
 .../v1/ClientTlsPolicyProto.java              |  221 +
 .../cloud/networksecurity/v1/CommonProto.java |   92 +
 .../v1/CreateAuthorizationPolicyRequest.java  | 1181 +++
 ...teAuthorizationPolicyRequestOrBuilder.java |  129 +
 .../v1/CreateClientTlsPolicyRequest.java      | 1165 +++
 ...CreateClientTlsPolicyRequestOrBuilder.java |  126 +
 .../v1/CreateServerTlsPolicyRequest.java      | 1165 +++
 ...CreateServerTlsPolicyRequestOrBuilder.java |  126 +
 .../v1/DeleteAuthorizationPolicyRequest.java  |  672 ++
 ...teAuthorizationPolicyRequestOrBuilder.java |   56 +
 .../v1/DeleteClientTlsPolicyRequest.java      |  667 ++
 ...DeleteClientTlsPolicyRequestOrBuilder.java |   56 +
 .../v1/DeleteServerTlsPolicyRequest.java      |  667 ++
 ...DeleteServerTlsPolicyRequestOrBuilder.java |   56 +
 .../v1/GetAuthorizationPolicyRequest.java     |  669 ++
 ...etAuthorizationPolicyRequestOrBuilder.java |   56 +
 .../v1/GetClientTlsPolicyRequest.java         |  664 ++
 .../GetClientTlsPolicyRequestOrBuilder.java   |   56 +
 .../v1/GetServerTlsPolicyRequest.java         |  664 ++
 .../GetServerTlsPolicyRequestOrBuilder.java   |   56 +
 .../networksecurity/v1/GrpcEndpoint.java      |  644 ++
 .../v1/GrpcEndpointOrBuilder.java             |   52 +
 .../v1/ListAuthorizationPoliciesRequest.java  |  969 ++
 ...AuthorizationPoliciesRequestOrBuilder.java |  102 +
 .../v1/ListAuthorizationPoliciesResponse.java | 1227 +++
 ...uthorizationPoliciesResponseOrBuilder.java |  113 +
 .../v1/ListClientTlsPoliciesRequest.java      |  957 ++
 ...ListClientTlsPoliciesRequestOrBuilder.java |  100 +
 .../v1/ListClientTlsPoliciesResponse.java     | 1191 +++
 ...istClientTlsPoliciesResponseOrBuilder.java |  107 +
 .../v1/ListServerTlsPoliciesRequest.java      |  957 ++
 ...ListServerTlsPoliciesRequestOrBuilder.java |  100 +
 .../v1/ListServerTlsPoliciesResponse.java     | 1191 +++
 ...istServerTlsPoliciesResponseOrBuilder.java |  107 +
 .../networksecurity/v1/LocationName.java      |  192 +
 .../v1/NetworkSecurityOuterClass.java         |  189 +
 .../networksecurity/v1/OperationMetadata.java | 1851 ++++
 .../v1/OperationMetadataOrBuilder.java        |  217 +
 .../networksecurity/v1/ServerTlsPolicy.java   | 3566 +++++++
 .../v1/ServerTlsPolicyName.java               |  227 +
 .../v1/ServerTlsPolicyOrBuilder.java          |  320 +
 .../v1/ServerTlsPolicyProto.java              |  236 +
 .../cloud/networksecurity/v1/TlsProto.java    |  125 +
 .../v1/UpdateAuthorizationPolicyRequest.java  | 1112 ++
 ...teAuthorizationPolicyRequestOrBuilder.java |  117 +
 .../v1/UpdateClientTlsPolicyRequest.java      | 1115 ++
 ...UpdateClientTlsPolicyRequestOrBuilder.java |  119 +
 .../v1/UpdateServerTlsPolicyRequest.java      | 1115 ++
 ...UpdateServerTlsPolicyRequestOrBuilder.java |  119 +
 .../networksecurity/v1/ValidationCA.java      | 1223 +++
 .../v1/ValidationCAOrBuilder.java             |  113 +
 .../v1/authorization_policy.proto             |  249 +
 .../v1/client_tls_policy.proto                |  160 +
 .../cloud/networksecurity/v1/common.proto     |   55 +
 .../networksecurity/v1/network_security.proto |  201 +
 .../v1/server_tls_policy.proto                |  181 +
 .../google/cloud/networksecurity/v1/tls.proto |   78 +
 .../SyncCreateSetCredentialsProvider.java     |   42 +
 .../create/SyncCreateSetEndpoint.java         |   39 +
 .../AsyncCreateAuthorizationPolicy.java       |   52 +
 .../AsyncCreateAuthorizationPolicyLRO.java    |   52 +
 .../SyncCreateAuthorizationPolicy.java        |   48 +
 ...onpolicynameAuthorizationpolicyString.java |   46 +
 ...PolicyStringAuthorizationpolicyString.java |   47 +
 .../AsyncCreateClientTlsPolicy.java           |   52 +
 .../AsyncCreateClientTlsPolicyLRO.java        |   52 +
 .../SyncCreateClientTlsPolicy.java            |   47 +
 ...enttlspolicynameClienttlspolicyString.java |   46 +
 ...tTlsPolicyStringClienttlspolicyString.java |   45 +
 .../AsyncCreateServerTlsPolicy.java           |   52 +
 .../AsyncCreateServerTlsPolicyLRO.java        |   52 +
 .../SyncCreateServerTlsPolicy.java            |   47 +
 ...vertlspolicynameServertlspolicyString.java |   46 +
 ...rTlsPolicyStringServertlspolicyString.java |   45 +
 .../AsyncDeleteAuthorizationPolicy.java       |   49 +
 .../AsyncDeleteAuthorizationPolicyLRO.java    |   50 +
 .../SyncDeleteAuthorizationPolicy.java        |   45 +
 ...rizationPolicyAuthorizationpolicyname.java |   40 +
 .../SyncDeleteAuthorizationPolicyString.java  |   41 +
 .../AsyncDeleteClientTlsPolicy.java           |   49 +
 .../AsyncDeleteClientTlsPolicyLRO.java        |   50 +
 .../SyncDeleteClientTlsPolicy.java            |   45 +
 ...eteClientTlsPolicyClienttlspolicyname.java |   40 +
 .../SyncDeleteClientTlsPolicyString.java      |   40 +
 .../AsyncDeleteServerTlsPolicy.java           |   49 +
 .../AsyncDeleteServerTlsPolicyLRO.java        |   50 +
 .../SyncDeleteServerTlsPolicy.java            |   45 +
 ...eteServerTlsPolicyServertlspolicyname.java |   40 +
 .../SyncDeleteServerTlsPolicyString.java      |   40 +
 .../AsyncGetAuthorizationPolicy.java          |   49 +
 .../SyncGetAuthorizationPolicy.java           |   45 +
 ...rizationPolicyAuthorizationpolicyname.java |   40 +
 .../SyncGetAuthorizationPolicyString.java     |   41 +
 .../AsyncGetClientTlsPolicy.java              |   49 +
 .../SyncGetClientTlsPolicy.java               |   45 +
 ...GetClientTlsPolicyClienttlspolicyname.java |   40 +
 .../SyncGetClientTlsPolicyString.java         |   40 +
 .../AsyncGetServerTlsPolicy.java              |   49 +
 .../SyncGetServerTlsPolicy.java               |   45 +
 ...GetServerTlsPolicyServertlspolicyname.java |   40 +
 .../SyncGetServerTlsPolicyString.java         |   40 +
 .../AsyncListAuthorizationPolicies.java       |   51 +
 .../AsyncListAuthorizationPoliciesPaged.java  |   59 +
 .../SyncListAuthorizationPolicies.java        |   48 +
 ...ListAuthorizationPoliciesLocationname.java |   42 +
 .../SyncListAuthorizationPoliciesString.java  |   42 +
 .../AsyncListClientTlsPolicies.java           |   51 +
 .../AsyncListClientTlsPoliciesPaged.java      |   59 +
 .../SyncListClientTlsPolicies.java            |   48 +
 ...SyncListClientTlsPoliciesLocationname.java |   42 +
 .../SyncListClientTlsPoliciesString.java      |   42 +
 .../AsyncListServerTlsPolicies.java           |   51 +
 .../AsyncListServerTlsPoliciesPaged.java      |   59 +
 .../SyncListServerTlsPolicies.java            |   48 +
 ...SyncListServerTlsPoliciesLocationname.java |   42 +
 .../SyncListServerTlsPoliciesString.java      |   42 +
 .../AsyncUpdateAuthorizationPolicy.java       |   49 +
 .../AsyncUpdateAuthorizationPolicyLRO.java    |   49 +
 .../SyncUpdateAuthorizationPolicy.java        |   45 +
 ...ionPolicyAuthorizationpolicyFieldmask.java |   43 +
 .../AsyncUpdateClientTlsPolicy.java           |   49 +
 .../AsyncUpdateClientTlsPolicyLRO.java        |   49 +
 .../SyncUpdateClientTlsPolicy.java            |   44 +
 ...ientTlsPolicyClienttlspolicyFieldmask.java |   41 +
 .../AsyncUpdateServerTlsPolicy.java           |   49 +
 .../AsyncUpdateServerTlsPolicyLRO.java        |   49 +
 .../SyncUpdateServerTlsPolicy.java            |   44 +
 ...rverTlsPolicyServertlspolicyFieldmask.java |   41 +
 .../SyncGetAuthorizationPolicy.java           |   46 +
 .../SyncGetAuthorizationPolicy.java           |   46 +
 java-network-security/versions.txt            |    2 +
 160 files changed, 57806 insertions(+)
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityClient.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecuritySettings.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/gapic_metadata.json
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/package-info.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityCallableFactory.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityStub.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStub.java
 create mode 100644 java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStubSettings.java
 create mode 100644 java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurity.java
 create mode 100644 java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurityImpl.java
 create mode 100644 java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/NetworkSecurityClientTest.java
 create mode 100644 java-network-security/grpc-google-cloud-network-security-v1/pom.xml
 create mode 100644 java-network-security/grpc-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityGrpc.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/clirr-ignored-differences.xml
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/pom.xml
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicy.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyName.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyProto.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProvider.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstance.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstanceOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicy.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyName.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyProto.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CommonProto.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpoint.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpointOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponse.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponseOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponse.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponseOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponse.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponseOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/LocationName.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityOuterClass.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadata.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadataOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicy.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyName.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyProto.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/TlsProto.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequest.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequestOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCA.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCAOrBuilder.java
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/authorization_policy.proto
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/client_tls_policy.proto
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/common.proto
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/network_security.proto
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/server_tls_policy.proto
 create mode 100644 java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/tls.proto
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetEndpoint.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyAuthorizationpolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyClienttlspolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyServertlspolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/AsyncGetAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyAuthorizationpolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/AsyncGetClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyClienttlspolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/AsyncGetServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyServertlspolicyname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPoliciesPaged.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesLocationname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPoliciesPaged.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesLocationname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPoliciesPaged.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPolicies.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesLocationname.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesString.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicyClienttlspolicyFieldmask.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicyLRO.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicyServertlspolicyFieldmask.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecuritysettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
 create mode 100644 java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/stub/networksecuritystubsettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java

diff --git a/java-network-security/google-cloud-network-security-bom/pom.xml b/java-network-security/google-cloud-network-security-bom/pom.xml
index e769327a7fa2..1ee47568f9fb 100644
--- a/java-network-security/google-cloud-network-security-bom/pom.xml
+++ b/java-network-security/google-cloud-network-security-bom/pom.xml
@@ -63,11 +63,21 @@
         <artifactId>grpc-google-cloud-network-security-v1beta1</artifactId>
         <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-network-security-v1beta1:current} -->
       </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>grpc-google-cloud-network-security-v1</artifactId>
+        <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-network-security-v1:current} -->
+      </dependency>
       <dependency>
         <groupId>com.google.api.grpc</groupId>
         <artifactId>proto-google-cloud-network-security-v1beta1</artifactId>
         <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:proto-google-cloud-network-security-v1beta1:current} -->
       </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>proto-google-cloud-network-security-v1</artifactId>
+        <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:proto-google-cloud-network-security-v1:current} -->
+      </dependency>
     </dependencies>
   </dependencyManagement>
 
diff --git a/java-network-security/google-cloud-network-security/pom.xml b/java-network-security/google-cloud-network-security/pom.xml
index dc28a3ecbbaf..cc6852d416f8 100644
--- a/java-network-security/google-cloud-network-security/pom.xml
+++ b/java-network-security/google-cloud-network-security/pom.xml
@@ -42,6 +42,10 @@
       <artifactId>proto-google-common-protos</artifactId>
     </dependency>
 
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-cloud-network-security-v1</artifactId>
+    </dependency>
     <dependency>
       <groupId>com.google.api.grpc</groupId>
       <artifactId>proto-google-cloud-network-security-v1beta1</artifactId>
@@ -76,6 +80,11 @@
       <artifactId>grpc-google-cloud-network-security-v1beta1</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>grpc-google-cloud-network-security-v1</artifactId>
+      <scope>test</scope>
+    </dependency>
     <!-- Need testing utility classes for generated gRPC clients tests -->
     <dependency>
       <groupId>com.google.api</groupId>
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityClient.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityClient.java
new file mode 100644
index 000000000000..0a1fe58f75b0
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityClient.java
@@ -0,0 +1,2525 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.core.ApiFuture;
+import com.google.api.core.ApiFutures;
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.api.gax.paging.AbstractFixedSizeCollection;
+import com.google.api.gax.paging.AbstractPage;
+import com.google.api.gax.paging.AbstractPagedListResponse;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.PageContext;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.networksecurity.v1.stub.NetworkSecurityStub;
+import com.google.cloud.networksecurity.v1.stub.NetworkSecurityStubSettings;
+import com.google.common.util.concurrent.MoreExecutors;
+import com.google.longrunning.Operation;
+import com.google.longrunning.OperationsClient;
+import com.google.protobuf.Empty;
+import com.google.protobuf.FieldMask;
+import java.io.IOException;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * Service Description: Network Security API provides resources to configure authentication and
+ * authorization policies. Refer to per API resource documentation for more information.
+ *
+ * <p>This class provides the ability to make remote calls to the backing service through method
+ * calls that map to API methods. Sample code to get started:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+ *   AuthorizationPolicyName name =
+ *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+ *   AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+ * }
+ * }</pre>
+ *
+ * <p>Note: close() needs to be called on the NetworkSecurityClient object to clean up resources
+ * such as threads. In the example above, try-with-resources is used, which automatically calls
+ * close().
+ *
+ * <p>The surface of this class includes several types of Java methods for each of the API's
+ * methods:
+ *
+ * <ol>
+ *   <li>A "flattened" method. With this type of method, the fields of the request type have been
+ *       converted into function parameters. It may be the case that not all fields are available as
+ *       parameters, and not every API method will have a flattened method entry point.
+ *   <li>A "request object" method. This type of method only takes one parameter, a request object,
+ *       which must be constructed before the call. Not every API method will have a request object
+ *       method.
+ *   <li>A "callable" method. This type of method takes no parameters and returns an immutable API
+ *       callable object, which can be used to initiate calls to the service.
+ * </ol>
+ *
+ * <p>See the individual methods for example code.
+ *
+ * <p>Many parameters require resource names to be formatted in a particular way. To assist with
+ * these names, this class includes a format method for each type of name, and additionally a parse
+ * method to extract the individual identifiers contained within names that are returned.
+ *
+ * <p>This class can be customized by passing in a custom instance of NetworkSecuritySettings to
+ * create(). For example:
+ *
+ * <p>To customize credentials:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * NetworkSecuritySettings networkSecuritySettings =
+ *     NetworkSecuritySettings.newBuilder()
+ *         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
+ *         .build();
+ * NetworkSecurityClient networkSecurityClient =
+ *     NetworkSecurityClient.create(networkSecuritySettings);
+ * }</pre>
+ *
+ * <p>To customize the endpoint:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * NetworkSecuritySettings networkSecuritySettings =
+ *     NetworkSecuritySettings.newBuilder().setEndpoint(myEndpoint).build();
+ * NetworkSecurityClient networkSecurityClient =
+ *     NetworkSecurityClient.create(networkSecuritySettings);
+ * }</pre>
+ *
+ * <p>Please refer to the GitHub repository's samples for more quickstart code snippets.
+ */
+@Generated("by gapic-generator-java")
+public class NetworkSecurityClient implements BackgroundResource {
+  private final NetworkSecuritySettings settings;
+  private final NetworkSecurityStub stub;
+  private final OperationsClient operationsClient;
+
+  /** Constructs an instance of NetworkSecurityClient with default settings. */
+  public static final NetworkSecurityClient create() throws IOException {
+    return create(NetworkSecuritySettings.newBuilder().build());
+  }
+
+  /**
+   * Constructs an instance of NetworkSecurityClient, using the given settings. The channels are
+   * created based on the settings passed in, or defaults for any settings that are not set.
+   */
+  public static final NetworkSecurityClient create(NetworkSecuritySettings settings)
+      throws IOException {
+    return new NetworkSecurityClient(settings);
+  }
+
+  /**
+   * Constructs an instance of NetworkSecurityClient, using the given stub for making calls. This is
+   * for advanced usage - prefer using create(NetworkSecuritySettings).
+   */
+  public static final NetworkSecurityClient create(NetworkSecurityStub stub) {
+    return new NetworkSecurityClient(stub);
+  }
+
+  /**
+   * Constructs an instance of NetworkSecurityClient, using the given settings. This is protected so
+   * that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected NetworkSecurityClient(NetworkSecuritySettings settings) throws IOException {
+    this.settings = settings;
+    this.stub = ((NetworkSecurityStubSettings) settings.getStubSettings()).createStub();
+    this.operationsClient = OperationsClient.create(this.stub.getOperationsStub());
+  }
+
+  protected NetworkSecurityClient(NetworkSecurityStub stub) {
+    this.settings = null;
+    this.stub = stub;
+    this.operationsClient = OperationsClient.create(this.stub.getOperationsStub());
+  }
+
+  public final NetworkSecuritySettings getSettings() {
+    return settings;
+  }
+
+  public NetworkSecurityStub getStub() {
+    return stub;
+  }
+
+  /**
+   * Returns the OperationsClient that can be used to query the status of a long-running operation
+   * returned by another API method call.
+   */
+  public final OperationsClient getOperationsClient() {
+    return operationsClient;
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists AuthorizationPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   for (AuthorizationPolicy element :
+   *       networkSecurityClient.listAuthorizationPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the AuthorizationPolicies should be
+   *     listed, specified in the format `projects/{project}/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListAuthorizationPoliciesPagedResponse listAuthorizationPolicies(
+      LocationName parent) {
+    ListAuthorizationPoliciesRequest request =
+        ListAuthorizationPoliciesRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .build();
+    return listAuthorizationPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists AuthorizationPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   for (AuthorizationPolicy element :
+   *       networkSecurityClient.listAuthorizationPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the AuthorizationPolicies should be
+   *     listed, specified in the format `projects/{project}/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListAuthorizationPoliciesPagedResponse listAuthorizationPolicies(String parent) {
+    ListAuthorizationPoliciesRequest request =
+        ListAuthorizationPoliciesRequest.newBuilder().setParent(parent).build();
+    return listAuthorizationPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists AuthorizationPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListAuthorizationPoliciesRequest request =
+   *       ListAuthorizationPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   for (AuthorizationPolicy element :
+   *       networkSecurityClient.listAuthorizationPolicies(request).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListAuthorizationPoliciesPagedResponse listAuthorizationPolicies(
+      ListAuthorizationPoliciesRequest request) {
+    return listAuthorizationPoliciesPagedCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists AuthorizationPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListAuthorizationPoliciesRequest request =
+   *       ListAuthorizationPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   ApiFuture<AuthorizationPolicy> future =
+   *       networkSecurityClient.listAuthorizationPoliciesPagedCallable().futureCall(request);
+   *   // Do something.
+   *   for (AuthorizationPolicy element : future.get().iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable() {
+    return stub.listAuthorizationPoliciesPagedCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists AuthorizationPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListAuthorizationPoliciesRequest request =
+   *       ListAuthorizationPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   while (true) {
+   *     ListAuthorizationPoliciesResponse response =
+   *         networkSecurityClient.listAuthorizationPoliciesCallable().call(request);
+   *     for (AuthorizationPolicy element : response.getAuthorizationPoliciesList()) {
+   *       // doThingsWith(element);
+   *     }
+   *     String nextPageToken = response.getNextPageToken();
+   *     if (!Strings.isNullOrEmpty(nextPageToken)) {
+   *       request = request.toBuilder().setPageToken(nextPageToken).build();
+   *     } else {
+   *       break;
+   *     }
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable() {
+    return stub.listAuthorizationPoliciesCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   AuthorizationPolicyName name =
+   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+   *   AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the AuthorizationPolicy to get. Must be in the format
+   *     `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final AuthorizationPolicy getAuthorizationPolicy(AuthorizationPolicyName name) {
+    GetAuthorizationPolicyRequest request =
+        GetAuthorizationPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return getAuthorizationPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *           .toString();
+   *   AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the AuthorizationPolicy to get. Must be in the format
+   *     `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final AuthorizationPolicy getAuthorizationPolicy(String name) {
+    GetAuthorizationPolicyRequest request =
+        GetAuthorizationPolicyRequest.newBuilder().setName(name).build();
+    return getAuthorizationPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetAuthorizationPolicyRequest request =
+   *       GetAuthorizationPolicyRequest.newBuilder()
+   *           .setName(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRequest request) {
+    return getAuthorizationPolicyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetAuthorizationPolicyRequest request =
+   *       GetAuthorizationPolicyRequest.newBuilder()
+   *           .setName(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<AuthorizationPolicy> future =
+   *       networkSecurityClient.getAuthorizationPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   AuthorizationPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable() {
+    return stub.getAuthorizationPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new AuthorizationPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+   *   String authorizationPolicyId = "authorizationPolicyId1314252166";
+   *   AuthorizationPolicy response =
+   *       networkSecurityClient
+   *           .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the AuthorizationPolicy. Must be in the format
+   *     `projects/{project}/locations/{location}`.
+   * @param authorizationPolicy Required. AuthorizationPolicy resource to be created.
+   * @param authorizationPolicyId Required. Short name of the AuthorizationPolicy resource to be
+   *     created. This value should be 1-63 characters long, containing only letters, numbers,
+   *     hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyAsync(
+          LocationName parent,
+          AuthorizationPolicy authorizationPolicy,
+          String authorizationPolicyId) {
+    CreateAuthorizationPolicyRequest request =
+        CreateAuthorizationPolicyRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .setAuthorizationPolicy(authorizationPolicy)
+            .setAuthorizationPolicyId(authorizationPolicyId)
+            .build();
+    return createAuthorizationPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new AuthorizationPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+   *   String authorizationPolicyId = "authorizationPolicyId1314252166";
+   *   AuthorizationPolicy response =
+   *       networkSecurityClient
+   *           .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the AuthorizationPolicy. Must be in the format
+   *     `projects/{project}/locations/{location}`.
+   * @param authorizationPolicy Required. AuthorizationPolicy resource to be created.
+   * @param authorizationPolicyId Required. Short name of the AuthorizationPolicy resource to be
+   *     created. This value should be 1-63 characters long, containing only letters, numbers,
+   *     hyphens, and underscores, and should not start with a number. E.g. "authz_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyAsync(
+          String parent, AuthorizationPolicy authorizationPolicy, String authorizationPolicyId) {
+    CreateAuthorizationPolicyRequest request =
+        CreateAuthorizationPolicyRequest.newBuilder()
+            .setParent(parent)
+            .setAuthorizationPolicy(authorizationPolicy)
+            .setAuthorizationPolicyId(authorizationPolicyId)
+            .build();
+    return createAuthorizationPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new AuthorizationPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateAuthorizationPolicyRequest request =
+   *       CreateAuthorizationPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   AuthorizationPolicy response =
+   *       networkSecurityClient.createAuthorizationPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyAsync(CreateAuthorizationPolicyRequest request) {
+    return createAuthorizationPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new AuthorizationPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateAuthorizationPolicyRequest request =
+   *       CreateAuthorizationPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<AuthorizationPolicy, OperationMetadata> future =
+   *       networkSecurityClient.createAuthorizationPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   AuthorizationPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable() {
+    return stub.createAuthorizationPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new AuthorizationPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateAuthorizationPolicyRequest request =
+   *       CreateAuthorizationPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.createAuthorizationPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable() {
+    return stub.createAuthorizationPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+   *   FieldMask updateMask = FieldMask.newBuilder().build();
+   *   AuthorizationPolicy response =
+   *       networkSecurityClient
+   *           .updateAuthorizationPolicyAsync(authorizationPolicy, updateMask)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param authorizationPolicy Required. Updated AuthorizationPolicy resource.
+   * @param updateMask Optional. Field mask is used to specify the fields to be overwritten in the
+   *     AuthorizationPolicy resource by the update. The fields specified in the update_mask are
+   *     relative to the resource, not the full request. A field will be overwritten if it is in the
+   *     mask. If the user does not provide a mask then all fields will be overwritten.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyAsync(
+          AuthorizationPolicy authorizationPolicy, FieldMask updateMask) {
+    UpdateAuthorizationPolicyRequest request =
+        UpdateAuthorizationPolicyRequest.newBuilder()
+            .setAuthorizationPolicy(authorizationPolicy)
+            .setUpdateMask(updateMask)
+            .build();
+    return updateAuthorizationPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateAuthorizationPolicyRequest request =
+   *       UpdateAuthorizationPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   AuthorizationPolicy response =
+   *       networkSecurityClient.updateAuthorizationPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyAsync(UpdateAuthorizationPolicyRequest request) {
+    return updateAuthorizationPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateAuthorizationPolicyRequest request =
+   *       UpdateAuthorizationPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<AuthorizationPolicy, OperationMetadata> future =
+   *       networkSecurityClient.updateAuthorizationPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   AuthorizationPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable() {
+    return stub.updateAuthorizationPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateAuthorizationPolicyRequest request =
+   *       UpdateAuthorizationPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.updateAuthorizationPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable() {
+    return stub.updateAuthorizationPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   AuthorizationPolicyName name =
+   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+   *   networkSecurityClient.deleteAuthorizationPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   *     `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteAuthorizationPolicyAsync(
+      AuthorizationPolicyName name) {
+    DeleteAuthorizationPolicyRequest request =
+        DeleteAuthorizationPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return deleteAuthorizationPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *           .toString();
+   *   networkSecurityClient.deleteAuthorizationPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   *     `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteAuthorizationPolicyAsync(
+      String name) {
+    DeleteAuthorizationPolicyRequest request =
+        DeleteAuthorizationPolicyRequest.newBuilder().setName(name).build();
+    return deleteAuthorizationPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteAuthorizationPolicyRequest request =
+   *       DeleteAuthorizationPolicyRequest.newBuilder()
+   *           .setName(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   networkSecurityClient.deleteAuthorizationPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteAuthorizationPolicyAsync(
+      DeleteAuthorizationPolicyRequest request) {
+    return deleteAuthorizationPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteAuthorizationPolicyRequest request =
+   *       DeleteAuthorizationPolicyRequest.newBuilder()
+   *           .setName(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   OperationFuture<Empty, OperationMetadata> future =
+   *       networkSecurityClient.deleteAuthorizationPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable() {
+    return stub.deleteAuthorizationPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single AuthorizationPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteAuthorizationPolicyRequest request =
+   *       DeleteAuthorizationPolicyRequest.newBuilder()
+   *           .setName(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.deleteAuthorizationPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable() {
+    return stub.deleteAuthorizationPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ServerTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   for (ServerTlsPolicy element :
+   *       networkSecurityClient.listServerTlsPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the ServerTlsPolicies should be
+   *     listed, specified in the format `projects/&#42;/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListServerTlsPoliciesPagedResponse listServerTlsPolicies(LocationName parent) {
+    ListServerTlsPoliciesRequest request =
+        ListServerTlsPoliciesRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .build();
+    return listServerTlsPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ServerTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   for (ServerTlsPolicy element :
+   *       networkSecurityClient.listServerTlsPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the ServerTlsPolicies should be
+   *     listed, specified in the format `projects/&#42;/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListServerTlsPoliciesPagedResponse listServerTlsPolicies(String parent) {
+    ListServerTlsPoliciesRequest request =
+        ListServerTlsPoliciesRequest.newBuilder().setParent(parent).build();
+    return listServerTlsPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ServerTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListServerTlsPoliciesRequest request =
+   *       ListServerTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   for (ServerTlsPolicy element :
+   *       networkSecurityClient.listServerTlsPolicies(request).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListServerTlsPoliciesPagedResponse listServerTlsPolicies(
+      ListServerTlsPoliciesRequest request) {
+    return listServerTlsPoliciesPagedCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ServerTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListServerTlsPoliciesRequest request =
+   *       ListServerTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   ApiFuture<ServerTlsPolicy> future =
+   *       networkSecurityClient.listServerTlsPoliciesPagedCallable().futureCall(request);
+   *   // Do something.
+   *   for (ServerTlsPolicy element : future.get().iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable() {
+    return stub.listServerTlsPoliciesPagedCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ServerTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListServerTlsPoliciesRequest request =
+   *       ListServerTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   while (true) {
+   *     ListServerTlsPoliciesResponse response =
+   *         networkSecurityClient.listServerTlsPoliciesCallable().call(request);
+   *     for (ServerTlsPolicy element : response.getServerTlsPoliciesList()) {
+   *       // doThingsWith(element);
+   *     }
+   *     String nextPageToken = response.getNextPageToken();
+   *     if (!Strings.isNullOrEmpty(nextPageToken)) {
+   *       request = request.toBuilder().setPageToken(nextPageToken).build();
+   *     } else {
+   *       break;
+   *     }
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable() {
+    return stub.listServerTlsPoliciesCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ServerTlsPolicyName name =
+   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+   *   ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ServerTlsPolicy to get. Must be in the format
+   *     `projects/&#42;/locations/{location}/serverTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ServerTlsPolicy getServerTlsPolicy(ServerTlsPolicyName name) {
+    GetServerTlsPolicyRequest request =
+        GetServerTlsPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return getServerTlsPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+   *   ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ServerTlsPolicy to get. Must be in the format
+   *     `projects/&#42;/locations/{location}/serverTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ServerTlsPolicy getServerTlsPolicy(String name) {
+    GetServerTlsPolicyRequest request =
+        GetServerTlsPolicyRequest.newBuilder().setName(name).build();
+    return getServerTlsPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetServerTlsPolicyRequest request =
+   *       GetServerTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ServerTlsPolicy getServerTlsPolicy(GetServerTlsPolicyRequest request) {
+    return getServerTlsPolicyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetServerTlsPolicyRequest request =
+   *       GetServerTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<ServerTlsPolicy> future =
+   *       networkSecurityClient.getServerTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   ServerTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicyCallable() {
+    return stub.getServerTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ServerTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+   *   String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+   *   ServerTlsPolicy response =
+   *       networkSecurityClient
+   *           .createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the ServerTlsPolicy. Must be in the format
+   *     `projects/&#42;/locations/{location}`.
+   * @param serverTlsPolicy Required. ServerTlsPolicy resource to be created.
+   * @param serverTlsPolicyId Required. Short name of the ServerTlsPolicy resource to be created.
+   *     This value should be 1-63 characters long, containing only letters, numbers, hyphens, and
+   *     underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTlsPolicyAsync(
+      LocationName parent, ServerTlsPolicy serverTlsPolicy, String serverTlsPolicyId) {
+    CreateServerTlsPolicyRequest request =
+        CreateServerTlsPolicyRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .setServerTlsPolicy(serverTlsPolicy)
+            .setServerTlsPolicyId(serverTlsPolicyId)
+            .build();
+    return createServerTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ServerTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+   *   String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+   *   ServerTlsPolicy response =
+   *       networkSecurityClient
+   *           .createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the ServerTlsPolicy. Must be in the format
+   *     `projects/&#42;/locations/{location}`.
+   * @param serverTlsPolicy Required. ServerTlsPolicy resource to be created.
+   * @param serverTlsPolicyId Required. Short name of the ServerTlsPolicy resource to be created.
+   *     This value should be 1-63 characters long, containing only letters, numbers, hyphens, and
+   *     underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTlsPolicyAsync(
+      String parent, ServerTlsPolicy serverTlsPolicy, String serverTlsPolicyId) {
+    CreateServerTlsPolicyRequest request =
+        CreateServerTlsPolicyRequest.newBuilder()
+            .setParent(parent)
+            .setServerTlsPolicy(serverTlsPolicy)
+            .setServerTlsPolicyId(serverTlsPolicyId)
+            .build();
+    return createServerTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ServerTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateServerTlsPolicyRequest request =
+   *       CreateServerTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ServerTlsPolicy response = networkSecurityClient.createServerTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTlsPolicyAsync(
+      CreateServerTlsPolicyRequest request) {
+    return createServerTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ServerTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateServerTlsPolicyRequest request =
+   *       CreateServerTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<ServerTlsPolicy, OperationMetadata> future =
+   *       networkSecurityClient.createServerTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   ServerTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable() {
+    return stub.createServerTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ServerTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateServerTlsPolicyRequest request =
+   *       CreateServerTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.createServerTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicyCallable() {
+    return stub.createServerTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+   *   FieldMask updateMask = FieldMask.newBuilder().build();
+   *   ServerTlsPolicy response =
+   *       networkSecurityClient.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+   * }
+   * }</pre>
+   *
+   * @param serverTlsPolicy Required. Updated ServerTlsPolicy resource.
+   * @param updateMask Optional. Field mask is used to specify the fields to be overwritten in the
+   *     ServerTlsPolicy resource by the update. The fields specified in the update_mask are
+   *     relative to the resource, not the full request. A field will be overwritten if it is in the
+   *     mask. If the user does not provide a mask then all fields will be overwritten.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ServerTlsPolicy, OperationMetadata> updateServerTlsPolicyAsync(
+      ServerTlsPolicy serverTlsPolicy, FieldMask updateMask) {
+    UpdateServerTlsPolicyRequest request =
+        UpdateServerTlsPolicyRequest.newBuilder()
+            .setServerTlsPolicy(serverTlsPolicy)
+            .setUpdateMask(updateMask)
+            .build();
+    return updateServerTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateServerTlsPolicyRequest request =
+   *       UpdateServerTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ServerTlsPolicy response = networkSecurityClient.updateServerTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ServerTlsPolicy, OperationMetadata> updateServerTlsPolicyAsync(
+      UpdateServerTlsPolicyRequest request) {
+    return updateServerTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateServerTlsPolicyRequest request =
+   *       UpdateServerTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<ServerTlsPolicy, OperationMetadata> future =
+   *       networkSecurityClient.updateServerTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   ServerTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable() {
+    return stub.updateServerTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateServerTlsPolicyRequest request =
+   *       UpdateServerTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.updateServerTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicyCallable() {
+    return stub.updateServerTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ServerTlsPolicyName name =
+   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+   *   networkSecurityClient.deleteServerTlsPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ServerTlsPolicy to delete. Must be in the format
+   *     `projects/&#42;/locations/{location}/serverTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteServerTlsPolicyAsync(
+      ServerTlsPolicyName name) {
+    DeleteServerTlsPolicyRequest request =
+        DeleteServerTlsPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return deleteServerTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+   *   networkSecurityClient.deleteServerTlsPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ServerTlsPolicy to delete. Must be in the format
+   *     `projects/&#42;/locations/{location}/serverTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteServerTlsPolicyAsync(String name) {
+    DeleteServerTlsPolicyRequest request =
+        DeleteServerTlsPolicyRequest.newBuilder().setName(name).build();
+    return deleteServerTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteServerTlsPolicyRequest request =
+   *       DeleteServerTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   networkSecurityClient.deleteServerTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteServerTlsPolicyAsync(
+      DeleteServerTlsPolicyRequest request) {
+    return deleteServerTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteServerTlsPolicyRequest request =
+   *       DeleteServerTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   OperationFuture<Empty, OperationMetadata> future =
+   *       networkSecurityClient.deleteServerTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable() {
+    return stub.deleteServerTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ServerTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteServerTlsPolicyRequest request =
+   *       DeleteServerTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.deleteServerTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicyCallable() {
+    return stub.deleteServerTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ClientTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   for (ClientTlsPolicy element :
+   *       networkSecurityClient.listClientTlsPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the ClientTlsPolicies should be
+   *     listed, specified in the format `projects/&#42;/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListClientTlsPoliciesPagedResponse listClientTlsPolicies(LocationName parent) {
+    ListClientTlsPoliciesRequest request =
+        ListClientTlsPoliciesRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .build();
+    return listClientTlsPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ClientTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   for (ClientTlsPolicy element :
+   *       networkSecurityClient.listClientTlsPolicies(parent).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The project and location from which the ClientTlsPolicies should be
+   *     listed, specified in the format `projects/&#42;/locations/{location}`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListClientTlsPoliciesPagedResponse listClientTlsPolicies(String parent) {
+    ListClientTlsPoliciesRequest request =
+        ListClientTlsPoliciesRequest.newBuilder().setParent(parent).build();
+    return listClientTlsPolicies(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ClientTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListClientTlsPoliciesRequest request =
+   *       ListClientTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   for (ClientTlsPolicy element :
+   *       networkSecurityClient.listClientTlsPolicies(request).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListClientTlsPoliciesPagedResponse listClientTlsPolicies(
+      ListClientTlsPoliciesRequest request) {
+    return listClientTlsPoliciesPagedCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ClientTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListClientTlsPoliciesRequest request =
+   *       ListClientTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   ApiFuture<ClientTlsPolicy> future =
+   *       networkSecurityClient.listClientTlsPoliciesPagedCallable().futureCall(request);
+   *   // Do something.
+   *   for (ClientTlsPolicy element : future.get().iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable() {
+    return stub.listClientTlsPoliciesPagedCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists ClientTlsPolicies in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListClientTlsPoliciesRequest request =
+   *       ListClientTlsPoliciesRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   while (true) {
+   *     ListClientTlsPoliciesResponse response =
+   *         networkSecurityClient.listClientTlsPoliciesCallable().call(request);
+   *     for (ClientTlsPolicy element : response.getClientTlsPoliciesList()) {
+   *       // doThingsWith(element);
+   *     }
+   *     String nextPageToken = response.getNextPageToken();
+   *     if (!Strings.isNullOrEmpty(nextPageToken)) {
+   *       request = request.toBuilder().setPageToken(nextPageToken).build();
+   *     } else {
+   *       break;
+   *     }
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable() {
+    return stub.listClientTlsPoliciesCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ClientTlsPolicyName name =
+   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+   *   ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ClientTlsPolicy to get. Must be in the format
+   *     `projects/&#42;/locations/{location}/clientTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ClientTlsPolicy getClientTlsPolicy(ClientTlsPolicyName name) {
+    GetClientTlsPolicyRequest request =
+        GetClientTlsPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return getClientTlsPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+   *   ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(name);
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ClientTlsPolicy to get. Must be in the format
+   *     `projects/&#42;/locations/{location}/clientTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ClientTlsPolicy getClientTlsPolicy(String name) {
+    GetClientTlsPolicyRequest request =
+        GetClientTlsPolicyRequest.newBuilder().setName(name).build();
+    return getClientTlsPolicy(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetClientTlsPolicyRequest request =
+   *       GetClientTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ClientTlsPolicy getClientTlsPolicy(GetClientTlsPolicyRequest request) {
+    return getClientTlsPolicyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets details of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetClientTlsPolicyRequest request =
+   *       GetClientTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<ClientTlsPolicy> future =
+   *       networkSecurityClient.getClientTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   ClientTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicyCallable() {
+    return stub.getClientTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ClientTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+   *   ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+   *   String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+   *   ClientTlsPolicy response =
+   *       networkSecurityClient
+   *           .createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the ClientTlsPolicy. Must be in the format
+   *     `projects/&#42;/locations/{location}`.
+   * @param clientTlsPolicy Required. ClientTlsPolicy resource to be created.
+   * @param clientTlsPolicyId Required. Short name of the ClientTlsPolicy resource to be created.
+   *     This value should be 1-63 characters long, containing only letters, numbers, hyphens, and
+   *     underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTlsPolicyAsync(
+      LocationName parent, ClientTlsPolicy clientTlsPolicy, String clientTlsPolicyId) {
+    CreateClientTlsPolicyRequest request =
+        CreateClientTlsPolicyRequest.newBuilder()
+            .setParent(parent == null ? null : parent.toString())
+            .setClientTlsPolicy(clientTlsPolicy)
+            .setClientTlsPolicyId(clientTlsPolicyId)
+            .build();
+    return createClientTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ClientTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+   *   ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+   *   String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+   *   ClientTlsPolicy response =
+   *       networkSecurityClient
+   *           .createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId)
+   *           .get();
+   * }
+   * }</pre>
+   *
+   * @param parent Required. The parent resource of the ClientTlsPolicy. Must be in the format
+   *     `projects/&#42;/locations/{location}`.
+   * @param clientTlsPolicy Required. ClientTlsPolicy resource to be created.
+   * @param clientTlsPolicyId Required. Short name of the ClientTlsPolicy resource to be created.
+   *     This value should be 1-63 characters long, containing only letters, numbers, hyphens, and
+   *     underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTlsPolicyAsync(
+      String parent, ClientTlsPolicy clientTlsPolicy, String clientTlsPolicyId) {
+    CreateClientTlsPolicyRequest request =
+        CreateClientTlsPolicyRequest.newBuilder()
+            .setParent(parent)
+            .setClientTlsPolicy(clientTlsPolicy)
+            .setClientTlsPolicyId(clientTlsPolicyId)
+            .build();
+    return createClientTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ClientTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateClientTlsPolicyRequest request =
+   *       CreateClientTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ClientTlsPolicy response = networkSecurityClient.createClientTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTlsPolicyAsync(
+      CreateClientTlsPolicyRequest request) {
+    return createClientTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ClientTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateClientTlsPolicyRequest request =
+   *       CreateClientTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<ClientTlsPolicy, OperationMetadata> future =
+   *       networkSecurityClient.createClientTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   ClientTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable() {
+    return stub.createClientTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Creates a new ClientTlsPolicy in a given project and location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   CreateClientTlsPolicyRequest request =
+   *       CreateClientTlsPolicyRequest.newBuilder()
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+   *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.createClientTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicyCallable() {
+    return stub.createClientTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+   *   FieldMask updateMask = FieldMask.newBuilder().build();
+   *   ClientTlsPolicy response =
+   *       networkSecurityClient.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+   * }
+   * }</pre>
+   *
+   * @param clientTlsPolicy Required. Updated ClientTlsPolicy resource.
+   * @param updateMask Optional. Field mask is used to specify the fields to be overwritten in the
+   *     ClientTlsPolicy resource by the update. The fields specified in the update_mask are
+   *     relative to the resource, not the full request. A field will be overwritten if it is in the
+   *     mask. If the user does not provide a mask then all fields will be overwritten.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ClientTlsPolicy, OperationMetadata> updateClientTlsPolicyAsync(
+      ClientTlsPolicy clientTlsPolicy, FieldMask updateMask) {
+    UpdateClientTlsPolicyRequest request =
+        UpdateClientTlsPolicyRequest.newBuilder()
+            .setClientTlsPolicy(clientTlsPolicy)
+            .setUpdateMask(updateMask)
+            .build();
+    return updateClientTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateClientTlsPolicyRequest request =
+   *       UpdateClientTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ClientTlsPolicy response = networkSecurityClient.updateClientTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<ClientTlsPolicy, OperationMetadata> updateClientTlsPolicyAsync(
+      UpdateClientTlsPolicyRequest request) {
+    return updateClientTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateClientTlsPolicyRequest request =
+   *       UpdateClientTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   OperationFuture<ClientTlsPolicy, OperationMetadata> future =
+   *       networkSecurityClient.updateClientTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   ClientTlsPolicy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable() {
+    return stub.updateClientTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Updates the parameters of a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   UpdateClientTlsPolicyRequest request =
+   *       UpdateClientTlsPolicyRequest.newBuilder()
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.updateClientTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Operation response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicyCallable() {
+    return stub.updateClientTlsPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ClientTlsPolicyName name =
+   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+   *   networkSecurityClient.deleteClientTlsPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ClientTlsPolicy to delete. Must be in the format
+   *     `projects/&#42;/locations/{location}/clientTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteClientTlsPolicyAsync(
+      ClientTlsPolicyName name) {
+    DeleteClientTlsPolicyRequest request =
+        DeleteClientTlsPolicyRequest.newBuilder()
+            .setName(name == null ? null : name.toString())
+            .build();
+    return deleteClientTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   String name =
+   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+   *   networkSecurityClient.deleteClientTlsPolicyAsync(name).get();
+   * }
+   * }</pre>
+   *
+   * @param name Required. A name of the ClientTlsPolicy to delete. Must be in the format
+   *     `projects/&#42;/locations/{location}/clientTlsPolicies/&#42;`.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteClientTlsPolicyAsync(String name) {
+    DeleteClientTlsPolicyRequest request =
+        DeleteClientTlsPolicyRequest.newBuilder().setName(name).build();
+    return deleteClientTlsPolicyAsync(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteClientTlsPolicyRequest request =
+   *       DeleteClientTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   networkSecurityClient.deleteClientTlsPolicyAsync(request).get();
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final OperationFuture<Empty, OperationMetadata> deleteClientTlsPolicyAsync(
+      DeleteClientTlsPolicyRequest request) {
+    return deleteClientTlsPolicyOperationCallable().futureCall(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteClientTlsPolicyRequest request =
+   *       DeleteClientTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   OperationFuture<Empty, OperationMetadata> future =
+   *       networkSecurityClient.deleteClientTlsPolicyOperationCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable() {
+    return stub.deleteClientTlsPolicyOperationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Deletes a single ClientTlsPolicy.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   DeleteClientTlsPolicyRequest request =
+   *       DeleteClientTlsPolicyRequest.newBuilder()
+   *           .setName(
+   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+   *                   .toString())
+   *           .build();
+   *   ApiFuture<Operation> future =
+   *       networkSecurityClient.deleteClientTlsPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicyCallable() {
+    return stub.deleteClientTlsPolicyCallable();
+  }
+
+  @Override
+  public final void close() {
+    stub.close();
+  }
+
+  @Override
+  public void shutdown() {
+    stub.shutdown();
+  }
+
+  @Override
+  public boolean isShutdown() {
+    return stub.isShutdown();
+  }
+
+  @Override
+  public boolean isTerminated() {
+    return stub.isTerminated();
+  }
+
+  @Override
+  public void shutdownNow() {
+    stub.shutdownNow();
+  }
+
+  @Override
+  public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException {
+    return stub.awaitTermination(duration, unit);
+  }
+
+  public static class ListAuthorizationPoliciesPagedResponse
+      extends AbstractPagedListResponse<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          AuthorizationPolicy,
+          ListAuthorizationPoliciesPage,
+          ListAuthorizationPoliciesFixedSizeCollection> {
+
+    public static ApiFuture<ListAuthorizationPoliciesPagedResponse> createAsync(
+        PageContext<
+                ListAuthorizationPoliciesRequest,
+                ListAuthorizationPoliciesResponse,
+                AuthorizationPolicy>
+            context,
+        ApiFuture<ListAuthorizationPoliciesResponse> futureResponse) {
+      ApiFuture<ListAuthorizationPoliciesPage> futurePage =
+          ListAuthorizationPoliciesPage.createEmptyPage().createPageAsync(context, futureResponse);
+      return ApiFutures.transform(
+          futurePage,
+          input -> new ListAuthorizationPoliciesPagedResponse(input),
+          MoreExecutors.directExecutor());
+    }
+
+    private ListAuthorizationPoliciesPagedResponse(ListAuthorizationPoliciesPage page) {
+      super(page, ListAuthorizationPoliciesFixedSizeCollection.createEmptyCollection());
+    }
+  }
+
+  public static class ListAuthorizationPoliciesPage
+      extends AbstractPage<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          AuthorizationPolicy,
+          ListAuthorizationPoliciesPage> {
+
+    private ListAuthorizationPoliciesPage(
+        PageContext<
+                ListAuthorizationPoliciesRequest,
+                ListAuthorizationPoliciesResponse,
+                AuthorizationPolicy>
+            context,
+        ListAuthorizationPoliciesResponse response) {
+      super(context, response);
+    }
+
+    private static ListAuthorizationPoliciesPage createEmptyPage() {
+      return new ListAuthorizationPoliciesPage(null, null);
+    }
+
+    @Override
+    protected ListAuthorizationPoliciesPage createPage(
+        PageContext<
+                ListAuthorizationPoliciesRequest,
+                ListAuthorizationPoliciesResponse,
+                AuthorizationPolicy>
+            context,
+        ListAuthorizationPoliciesResponse response) {
+      return new ListAuthorizationPoliciesPage(context, response);
+    }
+
+    @Override
+    public ApiFuture<ListAuthorizationPoliciesPage> createPageAsync(
+        PageContext<
+                ListAuthorizationPoliciesRequest,
+                ListAuthorizationPoliciesResponse,
+                AuthorizationPolicy>
+            context,
+        ApiFuture<ListAuthorizationPoliciesResponse> futureResponse) {
+      return super.createPageAsync(context, futureResponse);
+    }
+  }
+
+  public static class ListAuthorizationPoliciesFixedSizeCollection
+      extends AbstractFixedSizeCollection<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          AuthorizationPolicy,
+          ListAuthorizationPoliciesPage,
+          ListAuthorizationPoliciesFixedSizeCollection> {
+
+    private ListAuthorizationPoliciesFixedSizeCollection(
+        List<ListAuthorizationPoliciesPage> pages, int collectionSize) {
+      super(pages, collectionSize);
+    }
+
+    private static ListAuthorizationPoliciesFixedSizeCollection createEmptyCollection() {
+      return new ListAuthorizationPoliciesFixedSizeCollection(null, 0);
+    }
+
+    @Override
+    protected ListAuthorizationPoliciesFixedSizeCollection createCollection(
+        List<ListAuthorizationPoliciesPage> pages, int collectionSize) {
+      return new ListAuthorizationPoliciesFixedSizeCollection(pages, collectionSize);
+    }
+  }
+
+  public static class ListServerTlsPoliciesPagedResponse
+      extends AbstractPagedListResponse<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ServerTlsPolicy,
+          ListServerTlsPoliciesPage,
+          ListServerTlsPoliciesFixedSizeCollection> {
+
+    public static ApiFuture<ListServerTlsPoliciesPagedResponse> createAsync(
+        PageContext<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+            context,
+        ApiFuture<ListServerTlsPoliciesResponse> futureResponse) {
+      ApiFuture<ListServerTlsPoliciesPage> futurePage =
+          ListServerTlsPoliciesPage.createEmptyPage().createPageAsync(context, futureResponse);
+      return ApiFutures.transform(
+          futurePage,
+          input -> new ListServerTlsPoliciesPagedResponse(input),
+          MoreExecutors.directExecutor());
+    }
+
+    private ListServerTlsPoliciesPagedResponse(ListServerTlsPoliciesPage page) {
+      super(page, ListServerTlsPoliciesFixedSizeCollection.createEmptyCollection());
+    }
+  }
+
+  public static class ListServerTlsPoliciesPage
+      extends AbstractPage<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ServerTlsPolicy,
+          ListServerTlsPoliciesPage> {
+
+    private ListServerTlsPoliciesPage(
+        PageContext<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+            context,
+        ListServerTlsPoliciesResponse response) {
+      super(context, response);
+    }
+
+    private static ListServerTlsPoliciesPage createEmptyPage() {
+      return new ListServerTlsPoliciesPage(null, null);
+    }
+
+    @Override
+    protected ListServerTlsPoliciesPage createPage(
+        PageContext<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+            context,
+        ListServerTlsPoliciesResponse response) {
+      return new ListServerTlsPoliciesPage(context, response);
+    }
+
+    @Override
+    public ApiFuture<ListServerTlsPoliciesPage> createPageAsync(
+        PageContext<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+            context,
+        ApiFuture<ListServerTlsPoliciesResponse> futureResponse) {
+      return super.createPageAsync(context, futureResponse);
+    }
+  }
+
+  public static class ListServerTlsPoliciesFixedSizeCollection
+      extends AbstractFixedSizeCollection<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ServerTlsPolicy,
+          ListServerTlsPoliciesPage,
+          ListServerTlsPoliciesFixedSizeCollection> {
+
+    private ListServerTlsPoliciesFixedSizeCollection(
+        List<ListServerTlsPoliciesPage> pages, int collectionSize) {
+      super(pages, collectionSize);
+    }
+
+    private static ListServerTlsPoliciesFixedSizeCollection createEmptyCollection() {
+      return new ListServerTlsPoliciesFixedSizeCollection(null, 0);
+    }
+
+    @Override
+    protected ListServerTlsPoliciesFixedSizeCollection createCollection(
+        List<ListServerTlsPoliciesPage> pages, int collectionSize) {
+      return new ListServerTlsPoliciesFixedSizeCollection(pages, collectionSize);
+    }
+  }
+
+  public static class ListClientTlsPoliciesPagedResponse
+      extends AbstractPagedListResponse<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ClientTlsPolicy,
+          ListClientTlsPoliciesPage,
+          ListClientTlsPoliciesFixedSizeCollection> {
+
+    public static ApiFuture<ListClientTlsPoliciesPagedResponse> createAsync(
+        PageContext<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+            context,
+        ApiFuture<ListClientTlsPoliciesResponse> futureResponse) {
+      ApiFuture<ListClientTlsPoliciesPage> futurePage =
+          ListClientTlsPoliciesPage.createEmptyPage().createPageAsync(context, futureResponse);
+      return ApiFutures.transform(
+          futurePage,
+          input -> new ListClientTlsPoliciesPagedResponse(input),
+          MoreExecutors.directExecutor());
+    }
+
+    private ListClientTlsPoliciesPagedResponse(ListClientTlsPoliciesPage page) {
+      super(page, ListClientTlsPoliciesFixedSizeCollection.createEmptyCollection());
+    }
+  }
+
+  public static class ListClientTlsPoliciesPage
+      extends AbstractPage<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ClientTlsPolicy,
+          ListClientTlsPoliciesPage> {
+
+    private ListClientTlsPoliciesPage(
+        PageContext<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+            context,
+        ListClientTlsPoliciesResponse response) {
+      super(context, response);
+    }
+
+    private static ListClientTlsPoliciesPage createEmptyPage() {
+      return new ListClientTlsPoliciesPage(null, null);
+    }
+
+    @Override
+    protected ListClientTlsPoliciesPage createPage(
+        PageContext<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+            context,
+        ListClientTlsPoliciesResponse response) {
+      return new ListClientTlsPoliciesPage(context, response);
+    }
+
+    @Override
+    public ApiFuture<ListClientTlsPoliciesPage> createPageAsync(
+        PageContext<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+            context,
+        ApiFuture<ListClientTlsPoliciesResponse> futureResponse) {
+      return super.createPageAsync(context, futureResponse);
+    }
+  }
+
+  public static class ListClientTlsPoliciesFixedSizeCollection
+      extends AbstractFixedSizeCollection<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ClientTlsPolicy,
+          ListClientTlsPoliciesPage,
+          ListClientTlsPoliciesFixedSizeCollection> {
+
+    private ListClientTlsPoliciesFixedSizeCollection(
+        List<ListClientTlsPoliciesPage> pages, int collectionSize) {
+      super(pages, collectionSize);
+    }
+
+    private static ListClientTlsPoliciesFixedSizeCollection createEmptyCollection() {
+      return new ListClientTlsPoliciesFixedSizeCollection(null, 0);
+    }
+
+    @Override
+    protected ListClientTlsPoliciesFixedSizeCollection createCollection(
+        List<ListClientTlsPoliciesPage> pages, int collectionSize) {
+      return new ListClientTlsPoliciesFixedSizeCollection(pages, collectionSize);
+    }
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecuritySettings.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecuritySettings.java
new file mode 100644
index 000000000000..5dce47f8e58b
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecuritySettings.java
@@ -0,0 +1,505 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.core.ApiFunction;
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.GoogleCredentialsProvider;
+import com.google.api.gax.core.InstantiatingExecutorProvider;
+import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.ClientSettings;
+import com.google.api.gax.rpc.OperationCallSettings;
+import com.google.api.gax.rpc.PagedCallSettings;
+import com.google.api.gax.rpc.TransportChannelProvider;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.cloud.networksecurity.v1.stub.NetworkSecurityStubSettings;
+import com.google.longrunning.Operation;
+import com.google.protobuf.Empty;
+import java.io.IOException;
+import java.util.List;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * Settings class to configure an instance of {@link NetworkSecurityClient}.
+ *
+ * <p>The default instance has everything set to sensible defaults:
+ *
+ * <ul>
+ *   <li>The default service address (networksecurity.googleapis.com) and default port (443) are
+ *       used.
+ *   <li>Credentials are acquired automatically through Application Default Credentials.
+ *   <li>Retries are configured for idempotent methods but not for non-idempotent methods.
+ * </ul>
+ *
+ * <p>The builder of this class is recursive, so contained classes are themselves builders. When
+ * build() is called, the tree of builders is called to create the complete settings object.
+ *
+ * <p>For example, to set the total timeout of getAuthorizationPolicy to 30 seconds:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * NetworkSecuritySettings.Builder networkSecuritySettingsBuilder =
+ *     NetworkSecuritySettings.newBuilder();
+ * networkSecuritySettingsBuilder
+ *     .getAuthorizationPolicySettings()
+ *     .setRetrySettings(
+ *         networkSecuritySettingsBuilder
+ *             .getAuthorizationPolicySettings()
+ *             .getRetrySettings()
+ *             .toBuilder()
+ *             .setTotalTimeout(Duration.ofSeconds(30))
+ *             .build());
+ * NetworkSecuritySettings networkSecuritySettings = networkSecuritySettingsBuilder.build();
+ * }</pre>
+ */
+@Generated("by gapic-generator-java")
+public class NetworkSecuritySettings extends ClientSettings<NetworkSecuritySettings> {
+
+  /** Returns the object with the settings used for calls to listAuthorizationPolicies. */
+  public PagedCallSettings<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).listAuthorizationPoliciesSettings();
+  }
+
+  /** Returns the object with the settings used for calls to getAuthorizationPolicy. */
+  public UnaryCallSettings<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).getAuthorizationPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createAuthorizationPolicy. */
+  public UnaryCallSettings<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).createAuthorizationPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createAuthorizationPolicy. */
+  public OperationCallSettings<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .createAuthorizationPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateAuthorizationPolicy. */
+  public UnaryCallSettings<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).updateAuthorizationPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateAuthorizationPolicy. */
+  public OperationCallSettings<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .updateAuthorizationPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteAuthorizationPolicy. */
+  public UnaryCallSettings<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).deleteAuthorizationPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteAuthorizationPolicy. */
+  public OperationCallSettings<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .deleteAuthorizationPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to listServerTlsPolicies. */
+  public PagedCallSettings<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).listServerTlsPoliciesSettings();
+  }
+
+  /** Returns the object with the settings used for calls to getServerTlsPolicy. */
+  public UnaryCallSettings<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).getServerTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createServerTlsPolicy. */
+  public UnaryCallSettings<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).createServerTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createServerTlsPolicy. */
+  public OperationCallSettings<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .createServerTlsPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateServerTlsPolicy. */
+  public UnaryCallSettings<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).updateServerTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateServerTlsPolicy. */
+  public OperationCallSettings<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .updateServerTlsPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteServerTlsPolicy. */
+  public UnaryCallSettings<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).deleteServerTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteServerTlsPolicy. */
+  public OperationCallSettings<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .deleteServerTlsPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to listClientTlsPolicies. */
+  public PagedCallSettings<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).listClientTlsPoliciesSettings();
+  }
+
+  /** Returns the object with the settings used for calls to getClientTlsPolicy. */
+  public UnaryCallSettings<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).getClientTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createClientTlsPolicy. */
+  public UnaryCallSettings<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).createClientTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to createClientTlsPolicy. */
+  public OperationCallSettings<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .createClientTlsPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateClientTlsPolicy. */
+  public UnaryCallSettings<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).updateClientTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to updateClientTlsPolicy. */
+  public OperationCallSettings<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .updateClientTlsPolicyOperationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteClientTlsPolicy. */
+  public UnaryCallSettings<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).deleteClientTlsPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to deleteClientTlsPolicy. */
+  public OperationCallSettings<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings())
+        .deleteClientTlsPolicyOperationSettings();
+  }
+
+  public static final NetworkSecuritySettings create(NetworkSecurityStubSettings stub)
+      throws IOException {
+    return new NetworkSecuritySettings.Builder(stub.toBuilder()).build();
+  }
+
+  /** Returns a builder for the default ExecutorProvider for this service. */
+  public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultExecutorProviderBuilder();
+  }
+
+  /** Returns the default service endpoint. */
+  public static String getDefaultEndpoint() {
+    return NetworkSecurityStubSettings.getDefaultEndpoint();
+  }
+
+  /** Returns the default service scopes. */
+  public static List<String> getDefaultServiceScopes() {
+    return NetworkSecurityStubSettings.getDefaultServiceScopes();
+  }
+
+  /** Returns a builder for the default credentials for this service. */
+  public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultCredentialsProviderBuilder();
+  }
+
+  /** Returns a builder for the default ChannelProvider for this service. */
+  public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultGrpcTransportProviderBuilder();
+  }
+
+  public static TransportChannelProvider defaultTransportChannelProvider() {
+    return NetworkSecurityStubSettings.defaultTransportChannelProvider();
+  }
+
+  @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
+  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultApiClientHeaderProviderBuilder();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder() {
+    return Builder.createDefault();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder(ClientContext clientContext) {
+    return new Builder(clientContext);
+  }
+
+  /** Returns a builder containing all the values of this settings class. */
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  protected NetworkSecuritySettings(Builder settingsBuilder) throws IOException {
+    super(settingsBuilder);
+  }
+
+  /** Builder for NetworkSecuritySettings. */
+  public static class Builder extends ClientSettings.Builder<NetworkSecuritySettings, Builder> {
+
+    protected Builder() throws IOException {
+      this(((ClientContext) null));
+    }
+
+    protected Builder(ClientContext clientContext) {
+      super(NetworkSecurityStubSettings.newBuilder(clientContext));
+    }
+
+    protected Builder(NetworkSecuritySettings settings) {
+      super(settings.getStubSettings().toBuilder());
+    }
+
+    protected Builder(NetworkSecurityStubSettings.Builder stubSettings) {
+      super(stubSettings);
+    }
+
+    private static Builder createDefault() {
+      return new Builder(NetworkSecurityStubSettings.newBuilder());
+    }
+
+    public NetworkSecurityStubSettings.Builder getStubSettingsBuilder() {
+      return ((NetworkSecurityStubSettings.Builder) getStubSettings());
+    }
+
+    /**
+     * Applies the given settings updater function to all of the unary API methods in this service.
+     *
+     * <p>Note: This method does not support applying settings to streaming methods.
+     */
+    public Builder applyToAllUnaryMethods(
+        ApiFunction<UnaryCallSettings.Builder<?, ?>, Void> settingsUpdater) {
+      super.applyToAllUnaryMethods(
+          getStubSettingsBuilder().unaryMethodSettingsBuilders(), settingsUpdater);
+      return this;
+    }
+
+    /** Returns the builder for the settings used for calls to listAuthorizationPolicies. */
+    public PagedCallSettings.Builder<
+            ListAuthorizationPoliciesRequest,
+            ListAuthorizationPoliciesResponse,
+            ListAuthorizationPoliciesPagedResponse>
+        listAuthorizationPoliciesSettings() {
+      return getStubSettingsBuilder().listAuthorizationPoliciesSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to getAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+        getAuthorizationPolicySettings() {
+      return getStubSettingsBuilder().getAuthorizationPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<CreateAuthorizationPolicyRequest, Operation>
+        createAuthorizationPolicySettings() {
+      return getStubSettingsBuilder().createAuthorizationPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createAuthorizationPolicy. */
+    public OperationCallSettings.Builder<
+            CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        createAuthorizationPolicyOperationSettings() {
+      return getStubSettingsBuilder().createAuthorizationPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<UpdateAuthorizationPolicyRequest, Operation>
+        updateAuthorizationPolicySettings() {
+      return getStubSettingsBuilder().updateAuthorizationPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateAuthorizationPolicy. */
+    public OperationCallSettings.Builder<
+            UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        updateAuthorizationPolicyOperationSettings() {
+      return getStubSettingsBuilder().updateAuthorizationPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<DeleteAuthorizationPolicyRequest, Operation>
+        deleteAuthorizationPolicySettings() {
+      return getStubSettingsBuilder().deleteAuthorizationPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteAuthorizationPolicy. */
+    public OperationCallSettings.Builder<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+        deleteAuthorizationPolicyOperationSettings() {
+      return getStubSettingsBuilder().deleteAuthorizationPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to listServerTlsPolicies. */
+    public PagedCallSettings.Builder<
+            ListServerTlsPoliciesRequest,
+            ListServerTlsPoliciesResponse,
+            ListServerTlsPoliciesPagedResponse>
+        listServerTlsPoliciesSettings() {
+      return getStubSettingsBuilder().listServerTlsPoliciesSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to getServerTlsPolicy. */
+    public UnaryCallSettings.Builder<GetServerTlsPolicyRequest, ServerTlsPolicy>
+        getServerTlsPolicySettings() {
+      return getStubSettingsBuilder().getServerTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createServerTlsPolicy. */
+    public UnaryCallSettings.Builder<CreateServerTlsPolicyRequest, Operation>
+        createServerTlsPolicySettings() {
+      return getStubSettingsBuilder().createServerTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createServerTlsPolicy. */
+    public OperationCallSettings.Builder<
+            CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        createServerTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().createServerTlsPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateServerTlsPolicy. */
+    public UnaryCallSettings.Builder<UpdateServerTlsPolicyRequest, Operation>
+        updateServerTlsPolicySettings() {
+      return getStubSettingsBuilder().updateServerTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateServerTlsPolicy. */
+    public OperationCallSettings.Builder<
+            UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        updateServerTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().updateServerTlsPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteServerTlsPolicy. */
+    public UnaryCallSettings.Builder<DeleteServerTlsPolicyRequest, Operation>
+        deleteServerTlsPolicySettings() {
+      return getStubSettingsBuilder().deleteServerTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteServerTlsPolicy. */
+    public OperationCallSettings.Builder<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+        deleteServerTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().deleteServerTlsPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to listClientTlsPolicies. */
+    public PagedCallSettings.Builder<
+            ListClientTlsPoliciesRequest,
+            ListClientTlsPoliciesResponse,
+            ListClientTlsPoliciesPagedResponse>
+        listClientTlsPoliciesSettings() {
+      return getStubSettingsBuilder().listClientTlsPoliciesSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to getClientTlsPolicy. */
+    public UnaryCallSettings.Builder<GetClientTlsPolicyRequest, ClientTlsPolicy>
+        getClientTlsPolicySettings() {
+      return getStubSettingsBuilder().getClientTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createClientTlsPolicy. */
+    public UnaryCallSettings.Builder<CreateClientTlsPolicyRequest, Operation>
+        createClientTlsPolicySettings() {
+      return getStubSettingsBuilder().createClientTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to createClientTlsPolicy. */
+    public OperationCallSettings.Builder<
+            CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        createClientTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().createClientTlsPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateClientTlsPolicy. */
+    public UnaryCallSettings.Builder<UpdateClientTlsPolicyRequest, Operation>
+        updateClientTlsPolicySettings() {
+      return getStubSettingsBuilder().updateClientTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to updateClientTlsPolicy. */
+    public OperationCallSettings.Builder<
+            UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        updateClientTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().updateClientTlsPolicyOperationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteClientTlsPolicy. */
+    public UnaryCallSettings.Builder<DeleteClientTlsPolicyRequest, Operation>
+        deleteClientTlsPolicySettings() {
+      return getStubSettingsBuilder().deleteClientTlsPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to deleteClientTlsPolicy. */
+    public OperationCallSettings.Builder<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+        deleteClientTlsPolicyOperationSettings() {
+      return getStubSettingsBuilder().deleteClientTlsPolicyOperationSettings();
+    }
+
+    @Override
+    public NetworkSecuritySettings build() throws IOException {
+      return new NetworkSecuritySettings(this);
+    }
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/gapic_metadata.json b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/gapic_metadata.json
new file mode 100644
index 000000000000..f7960392bb7b
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/gapic_metadata.json
@@ -0,0 +1,63 @@
+{
+  "schema": "1.0",
+  "comment": "This file maps proto services/RPCs to the corresponding library clients/methods",
+  "language": "java",
+  "protoPackage": "google.cloud.networksecurity.v1",
+  "libraryPackage": "com.google.cloud.networksecurity.v1",
+  "services": {
+    "NetworkSecurity": {
+      "clients": {
+        "grpc": {
+          "libraryClient": "NetworkSecurityClient",
+          "rpcs": {
+            "CreateAuthorizationPolicy": {
+              "methods": ["createAuthorizationPolicyAsync", "createAuthorizationPolicyAsync", "createAuthorizationPolicyAsync", "createAuthorizationPolicyOperationCallable", "createAuthorizationPolicyCallable"]
+            },
+            "CreateClientTlsPolicy": {
+              "methods": ["createClientTlsPolicyAsync", "createClientTlsPolicyAsync", "createClientTlsPolicyAsync", "createClientTlsPolicyOperationCallable", "createClientTlsPolicyCallable"]
+            },
+            "CreateServerTlsPolicy": {
+              "methods": ["createServerTlsPolicyAsync", "createServerTlsPolicyAsync", "createServerTlsPolicyAsync", "createServerTlsPolicyOperationCallable", "createServerTlsPolicyCallable"]
+            },
+            "DeleteAuthorizationPolicy": {
+              "methods": ["deleteAuthorizationPolicyAsync", "deleteAuthorizationPolicyAsync", "deleteAuthorizationPolicyAsync", "deleteAuthorizationPolicyOperationCallable", "deleteAuthorizationPolicyCallable"]
+            },
+            "DeleteClientTlsPolicy": {
+              "methods": ["deleteClientTlsPolicyAsync", "deleteClientTlsPolicyAsync", "deleteClientTlsPolicyAsync", "deleteClientTlsPolicyOperationCallable", "deleteClientTlsPolicyCallable"]
+            },
+            "DeleteServerTlsPolicy": {
+              "methods": ["deleteServerTlsPolicyAsync", "deleteServerTlsPolicyAsync", "deleteServerTlsPolicyAsync", "deleteServerTlsPolicyOperationCallable", "deleteServerTlsPolicyCallable"]
+            },
+            "GetAuthorizationPolicy": {
+              "methods": ["getAuthorizationPolicy", "getAuthorizationPolicy", "getAuthorizationPolicy", "getAuthorizationPolicyCallable"]
+            },
+            "GetClientTlsPolicy": {
+              "methods": ["getClientTlsPolicy", "getClientTlsPolicy", "getClientTlsPolicy", "getClientTlsPolicyCallable"]
+            },
+            "GetServerTlsPolicy": {
+              "methods": ["getServerTlsPolicy", "getServerTlsPolicy", "getServerTlsPolicy", "getServerTlsPolicyCallable"]
+            },
+            "ListAuthorizationPolicies": {
+              "methods": ["listAuthorizationPolicies", "listAuthorizationPolicies", "listAuthorizationPolicies", "listAuthorizationPoliciesPagedCallable", "listAuthorizationPoliciesCallable"]
+            },
+            "ListClientTlsPolicies": {
+              "methods": ["listClientTlsPolicies", "listClientTlsPolicies", "listClientTlsPolicies", "listClientTlsPoliciesPagedCallable", "listClientTlsPoliciesCallable"]
+            },
+            "ListServerTlsPolicies": {
+              "methods": ["listServerTlsPolicies", "listServerTlsPolicies", "listServerTlsPolicies", "listServerTlsPoliciesPagedCallable", "listServerTlsPoliciesCallable"]
+            },
+            "UpdateAuthorizationPolicy": {
+              "methods": ["updateAuthorizationPolicyAsync", "updateAuthorizationPolicyAsync", "updateAuthorizationPolicyOperationCallable", "updateAuthorizationPolicyCallable"]
+            },
+            "UpdateClientTlsPolicy": {
+              "methods": ["updateClientTlsPolicyAsync", "updateClientTlsPolicyAsync", "updateClientTlsPolicyOperationCallable", "updateClientTlsPolicyCallable"]
+            },
+            "UpdateServerTlsPolicy": {
+              "methods": ["updateServerTlsPolicyAsync", "updateServerTlsPolicyAsync", "updateServerTlsPolicyOperationCallable", "updateServerTlsPolicyCallable"]
+            }
+          }
+        }
+      }
+    }
+  }
+}
\ No newline at end of file
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/package-info.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/package-info.java
new file mode 100644
index 000000000000..3afe2545edd2
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/package-info.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * The interfaces provided are listed below, along with usage samples.
+ *
+ * <p>======================= NetworkSecurityClient =======================
+ *
+ * <p>Service Description: Network Security API provides resources to configure authentication and
+ * authorization policies. Refer to per API resource documentation for more information.
+ *
+ * <p>Sample for NetworkSecurityClient:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+ *   AuthorizationPolicyName name =
+ *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+ *   AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+ * }
+ * }</pre>
+ */
+@Generated("by gapic-generator-java")
+package com.google.cloud.networksecurity.v1;
+
+import javax.annotation.Generated;
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityCallableFactory.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityCallableFactory.java
new file mode 100644
index 000000000000..1b22552fec65
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityCallableFactory.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1.stub;
+
+import com.google.api.gax.grpc.GrpcCallSettings;
+import com.google.api.gax.grpc.GrpcCallableFactory;
+import com.google.api.gax.grpc.GrpcStubCallableFactory;
+import com.google.api.gax.rpc.BatchingCallSettings;
+import com.google.api.gax.rpc.BidiStreamingCallable;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.ClientStreamingCallable;
+import com.google.api.gax.rpc.OperationCallSettings;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.PagedCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallable;
+import com.google.api.gax.rpc.StreamingCallSettings;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.longrunning.Operation;
+import com.google.longrunning.stub.OperationsStub;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * gRPC callable factory implementation for the NetworkSecurity service API.
+ *
+ * <p>This class is for advanced usage.
+ */
+@Generated("by gapic-generator-java")
+public class GrpcNetworkSecurityCallableFactory implements GrpcStubCallableFactory {
+
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createUnaryCallable(
+      GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+      UnaryCallSettings<RequestT, ResponseT> callSettings,
+      ClientContext clientContext) {
+    return GrpcCallableFactory.createUnaryCallable(grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT, PagedListResponseT>
+      UnaryCallable<RequestT, PagedListResponseT> createPagedCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          PagedCallSettings<RequestT, ResponseT, PagedListResponseT> callSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createPagedCallable(grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createBatchingCallable(
+      GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+      BatchingCallSettings<RequestT, ResponseT> callSettings,
+      ClientContext clientContext) {
+    return GrpcCallableFactory.createBatchingCallable(
+        grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT, MetadataT>
+      OperationCallable<RequestT, ResponseT, MetadataT> createOperationCallable(
+          GrpcCallSettings<RequestT, Operation> grpcCallSettings,
+          OperationCallSettings<RequestT, ResponseT, MetadataT> callSettings,
+          ClientContext clientContext,
+          OperationsStub operationsStub) {
+    return GrpcCallableFactory.createOperationCallable(
+        grpcCallSettings, callSettings, clientContext, operationsStub);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      BidiStreamingCallable<RequestT, ResponseT> createBidiStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          StreamingCallSettings<RequestT, ResponseT> callSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createBidiStreamingCallable(
+        grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      ServerStreamingCallable<RequestT, ResponseT> createServerStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          ServerStreamingCallSettings<RequestT, ResponseT> callSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createServerStreamingCallable(
+        grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      ClientStreamingCallable<RequestT, ResponseT> createClientStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          StreamingCallSettings<RequestT, ResponseT> callSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createClientStreamingCallable(
+        grpcCallSettings, callSettings, clientContext);
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityStub.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityStub.java
new file mode 100644
index 000000000000..87af37d45ebe
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/GrpcNetworkSecurityStub.java
@@ -0,0 +1,860 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1.stub;
+
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.core.BackgroundResourceAggregation;
+import com.google.api.gax.grpc.GrpcCallSettings;
+import com.google.api.gax.grpc.GrpcStubCallableFactory;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.networksecurity.v1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.OperationMetadata;
+import com.google.cloud.networksecurity.v1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest;
+import com.google.common.collect.ImmutableMap;
+import com.google.longrunning.Operation;
+import com.google.longrunning.stub.GrpcOperationsStub;
+import com.google.protobuf.Empty;
+import io.grpc.MethodDescriptor;
+import io.grpc.protobuf.ProtoUtils;
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * gRPC stub implementation for the NetworkSecurity service API.
+ *
+ * <p>This class is for advanced usage and reflects the underlying API directly.
+ */
+@Generated("by gapic-generator-java")
+public class GrpcNetworkSecurityStub extends NetworkSecurityStub {
+  private static final MethodDescriptor<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesMethodDescriptor =
+          MethodDescriptor
+              .<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/ListAuthorizationPolicies")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(ListAuthorizationPoliciesRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(ListAuthorizationPoliciesResponse.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyMethodDescriptor =
+          MethodDescriptor.<GetAuthorizationPolicyRequest, AuthorizationPolicy>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/GetAuthorizationPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(GetAuthorizationPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(AuthorizationPolicy.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyMethodDescriptor =
+          MethodDescriptor.<CreateAuthorizationPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/CreateAuthorizationPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(CreateAuthorizationPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyMethodDescriptor =
+          MethodDescriptor.<UpdateAuthorizationPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/UpdateAuthorizationPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(UpdateAuthorizationPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyMethodDescriptor =
+          MethodDescriptor.<DeleteAuthorizationPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/DeleteAuthorizationPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(DeleteAuthorizationPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesMethodDescriptor =
+          MethodDescriptor.<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/ListServerTlsPolicies")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(ListServerTlsPoliciesRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(ListServerTlsPoliciesResponse.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicyMethodDescriptor =
+          MethodDescriptor.<GetServerTlsPolicyRequest, ServerTlsPolicy>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/GetServerTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(GetServerTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(ServerTlsPolicy.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicyMethodDescriptor =
+          MethodDescriptor.<CreateServerTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/CreateServerTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(CreateServerTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicyMethodDescriptor =
+          MethodDescriptor.<UpdateServerTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/UpdateServerTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(UpdateServerTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicyMethodDescriptor =
+          MethodDescriptor.<DeleteServerTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/DeleteServerTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(DeleteServerTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesMethodDescriptor =
+          MethodDescriptor.<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/ListClientTlsPolicies")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(ListClientTlsPoliciesRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(ListClientTlsPoliciesResponse.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicyMethodDescriptor =
+          MethodDescriptor.<GetClientTlsPolicyRequest, ClientTlsPolicy>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/GetClientTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(GetClientTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(ClientTlsPolicy.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicyMethodDescriptor =
+          MethodDescriptor.<CreateClientTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/CreateClientTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(CreateClientTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicyMethodDescriptor =
+          MethodDescriptor.<UpdateClientTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/UpdateClientTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(UpdateClientTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicyMethodDescriptor =
+          MethodDescriptor.<DeleteClientTlsPolicyRequest, Operation>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1.NetworkSecurity/DeleteClientTlsPolicy")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(DeleteClientTlsPolicyRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
+              .build();
+
+  private final UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable;
+  private final UnaryCallable<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable;
+  private final UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable;
+  private final UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable;
+  private final OperationCallable<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable;
+  private final OperationCallable<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable;
+  private final OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable;
+  private final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable;
+  private final UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicyCallable;
+  private final UnaryCallable<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicyCallable;
+  private final OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable;
+  private final UnaryCallable<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicyCallable;
+  private final OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable;
+  private final UnaryCallable<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicyCallable;
+  private final OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable;
+  private final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable;
+  private final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable;
+  private final UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicyCallable;
+  private final UnaryCallable<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicyCallable;
+  private final OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable;
+  private final UnaryCallable<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicyCallable;
+  private final OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable;
+  private final UnaryCallable<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicyCallable;
+  private final OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable;
+
+  private final BackgroundResource backgroundResources;
+  private final GrpcOperationsStub operationsStub;
+  private final GrpcStubCallableFactory callableFactory;
+
+  public static final GrpcNetworkSecurityStub create(NetworkSecurityStubSettings settings)
+      throws IOException {
+    return new GrpcNetworkSecurityStub(settings, ClientContext.create(settings));
+  }
+
+  public static final GrpcNetworkSecurityStub create(ClientContext clientContext)
+      throws IOException {
+    return new GrpcNetworkSecurityStub(
+        NetworkSecurityStubSettings.newBuilder().build(), clientContext);
+  }
+
+  public static final GrpcNetworkSecurityStub create(
+      ClientContext clientContext, GrpcStubCallableFactory callableFactory) throws IOException {
+    return new GrpcNetworkSecurityStub(
+        NetworkSecurityStubSettings.newBuilder().build(), clientContext, callableFactory);
+  }
+
+  /**
+   * Constructs an instance of GrpcNetworkSecurityStub, using the given settings. This is protected
+   * so that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected GrpcNetworkSecurityStub(
+      NetworkSecurityStubSettings settings, ClientContext clientContext) throws IOException {
+    this(settings, clientContext, new GrpcNetworkSecurityCallableFactory());
+  }
+
+  /**
+   * Constructs an instance of GrpcNetworkSecurityStub, using the given settings. This is protected
+   * so that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected GrpcNetworkSecurityStub(
+      NetworkSecurityStubSettings settings,
+      ClientContext clientContext,
+      GrpcStubCallableFactory callableFactory)
+      throws IOException {
+    this.callableFactory = callableFactory;
+    this.operationsStub = GrpcOperationsStub.create(clientContext, callableFactory);
+
+    GrpcCallSettings<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+        listAuthorizationPoliciesTransportSettings =
+            GrpcCallSettings
+                .<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listAuthorizationPoliciesMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+        getAuthorizationPolicyTransportSettings =
+            GrpcCallSettings.<GetAuthorizationPolicyRequest, AuthorizationPolicy>newBuilder()
+                .setMethodDescriptor(getAuthorizationPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<CreateAuthorizationPolicyRequest, Operation>
+        createAuthorizationPolicyTransportSettings =
+            GrpcCallSettings.<CreateAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createAuthorizationPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<UpdateAuthorizationPolicyRequest, Operation>
+        updateAuthorizationPolicyTransportSettings =
+            GrpcCallSettings.<UpdateAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateAuthorizationPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put(
+                          "authorization_policy.name",
+                          String.valueOf(request.getAuthorizationPolicy().getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<DeleteAuthorizationPolicyRequest, Operation>
+        deleteAuthorizationPolicyTransportSettings =
+            GrpcCallSettings.<DeleteAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteAuthorizationPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+        listServerTlsPoliciesTransportSettings =
+            GrpcCallSettings
+                .<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listServerTlsPoliciesMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<GetServerTlsPolicyRequest, ServerTlsPolicy>
+        getServerTlsPolicyTransportSettings =
+            GrpcCallSettings.<GetServerTlsPolicyRequest, ServerTlsPolicy>newBuilder()
+                .setMethodDescriptor(getServerTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<CreateServerTlsPolicyRequest, Operation>
+        createServerTlsPolicyTransportSettings =
+            GrpcCallSettings.<CreateServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createServerTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<UpdateServerTlsPolicyRequest, Operation>
+        updateServerTlsPolicyTransportSettings =
+            GrpcCallSettings.<UpdateServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateServerTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put(
+                          "server_tls_policy.name",
+                          String.valueOf(request.getServerTlsPolicy().getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<DeleteServerTlsPolicyRequest, Operation>
+        deleteServerTlsPolicyTransportSettings =
+            GrpcCallSettings.<DeleteServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteServerTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+        listClientTlsPoliciesTransportSettings =
+            GrpcCallSettings
+                .<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listClientTlsPoliciesMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<GetClientTlsPolicyRequest, ClientTlsPolicy>
+        getClientTlsPolicyTransportSettings =
+            GrpcCallSettings.<GetClientTlsPolicyRequest, ClientTlsPolicy>newBuilder()
+                .setMethodDescriptor(getClientTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<CreateClientTlsPolicyRequest, Operation>
+        createClientTlsPolicyTransportSettings =
+            GrpcCallSettings.<CreateClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createClientTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("parent", String.valueOf(request.getParent()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<UpdateClientTlsPolicyRequest, Operation>
+        updateClientTlsPolicyTransportSettings =
+            GrpcCallSettings.<UpdateClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateClientTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put(
+                          "client_tls_policy.name",
+                          String.valueOf(request.getClientTlsPolicy().getName()));
+                      return params.build();
+                    })
+                .build();
+    GrpcCallSettings<DeleteClientTlsPolicyRequest, Operation>
+        deleteClientTlsPolicyTransportSettings =
+            GrpcCallSettings.<DeleteClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteClientTlsPolicyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("name", String.valueOf(request.getName()));
+                      return params.build();
+                    })
+                .build();
+
+    this.listAuthorizationPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listAuthorizationPoliciesTransportSettings,
+            settings.listAuthorizationPoliciesSettings(),
+            clientContext);
+    this.listAuthorizationPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listAuthorizationPoliciesTransportSettings,
+            settings.listAuthorizationPoliciesSettings(),
+            clientContext);
+    this.getAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getAuthorizationPolicyTransportSettings,
+            settings.getAuthorizationPolicySettings(),
+            clientContext);
+    this.createAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createAuthorizationPolicyTransportSettings,
+            settings.createAuthorizationPolicySettings(),
+            clientContext);
+    this.createAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createAuthorizationPolicyTransportSettings,
+            settings.createAuthorizationPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.updateAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateAuthorizationPolicyTransportSettings,
+            settings.updateAuthorizationPolicySettings(),
+            clientContext);
+    this.updateAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateAuthorizationPolicyTransportSettings,
+            settings.updateAuthorizationPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.deleteAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteAuthorizationPolicyTransportSettings,
+            settings.deleteAuthorizationPolicySettings(),
+            clientContext);
+    this.deleteAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteAuthorizationPolicyTransportSettings,
+            settings.deleteAuthorizationPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.listServerTlsPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listServerTlsPoliciesTransportSettings,
+            settings.listServerTlsPoliciesSettings(),
+            clientContext);
+    this.listServerTlsPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listServerTlsPoliciesTransportSettings,
+            settings.listServerTlsPoliciesSettings(),
+            clientContext);
+    this.getServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getServerTlsPolicyTransportSettings,
+            settings.getServerTlsPolicySettings(),
+            clientContext);
+    this.createServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createServerTlsPolicyTransportSettings,
+            settings.createServerTlsPolicySettings(),
+            clientContext);
+    this.createServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createServerTlsPolicyTransportSettings,
+            settings.createServerTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.updateServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateServerTlsPolicyTransportSettings,
+            settings.updateServerTlsPolicySettings(),
+            clientContext);
+    this.updateServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateServerTlsPolicyTransportSettings,
+            settings.updateServerTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.deleteServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteServerTlsPolicyTransportSettings,
+            settings.deleteServerTlsPolicySettings(),
+            clientContext);
+    this.deleteServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteServerTlsPolicyTransportSettings,
+            settings.deleteServerTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.listClientTlsPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listClientTlsPoliciesTransportSettings,
+            settings.listClientTlsPoliciesSettings(),
+            clientContext);
+    this.listClientTlsPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listClientTlsPoliciesTransportSettings,
+            settings.listClientTlsPoliciesSettings(),
+            clientContext);
+    this.getClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getClientTlsPolicyTransportSettings,
+            settings.getClientTlsPolicySettings(),
+            clientContext);
+    this.createClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createClientTlsPolicyTransportSettings,
+            settings.createClientTlsPolicySettings(),
+            clientContext);
+    this.createClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createClientTlsPolicyTransportSettings,
+            settings.createClientTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.updateClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateClientTlsPolicyTransportSettings,
+            settings.updateClientTlsPolicySettings(),
+            clientContext);
+    this.updateClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateClientTlsPolicyTransportSettings,
+            settings.updateClientTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+    this.deleteClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteClientTlsPolicyTransportSettings,
+            settings.deleteClientTlsPolicySettings(),
+            clientContext);
+    this.deleteClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteClientTlsPolicyTransportSettings,
+            settings.deleteClientTlsPolicyOperationSettings(),
+            clientContext,
+            operationsStub);
+
+    this.backgroundResources =
+        new BackgroundResourceAggregation(clientContext.getBackgroundResources());
+  }
+
+  public GrpcOperationsStub getOperationsStub() {
+    return operationsStub;
+  }
+
+  @Override
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable() {
+    return listAuthorizationPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable() {
+    return listAuthorizationPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable() {
+    return getAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable() {
+    return createAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable() {
+    return createAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable() {
+    return updateAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable() {
+    return updateAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable() {
+    return deleteAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable() {
+    return deleteAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable() {
+    return listServerTlsPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable() {
+    return listServerTlsPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy> getServerTlsPolicyCallable() {
+    return getServerTlsPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateServerTlsPolicyRequest, Operation> createServerTlsPolicyCallable() {
+    return createServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable() {
+    return createServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateServerTlsPolicyRequest, Operation> updateServerTlsPolicyCallable() {
+    return updateServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable() {
+    return updateServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteServerTlsPolicyRequest, Operation> deleteServerTlsPolicyCallable() {
+    return deleteServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable() {
+    return deleteServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable() {
+    return listClientTlsPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable() {
+    return listClientTlsPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy> getClientTlsPolicyCallable() {
+    return getClientTlsPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateClientTlsPolicyRequest, Operation> createClientTlsPolicyCallable() {
+    return createClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable() {
+    return createClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateClientTlsPolicyRequest, Operation> updateClientTlsPolicyCallable() {
+    return updateClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable() {
+    return updateClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteClientTlsPolicyRequest, Operation> deleteClientTlsPolicyCallable() {
+    return deleteClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable() {
+    return deleteClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public final void close() {
+    try {
+      backgroundResources.close();
+    } catch (RuntimeException e) {
+      throw e;
+    } catch (Exception e) {
+      throw new IllegalStateException("Failed to close resource", e);
+    }
+  }
+
+  @Override
+  public void shutdown() {
+    backgroundResources.shutdown();
+  }
+
+  @Override
+  public boolean isShutdown() {
+    return backgroundResources.isShutdown();
+  }
+
+  @Override
+  public boolean isTerminated() {
+    return backgroundResources.isTerminated();
+  }
+
+  @Override
+  public void shutdownNow() {
+    backgroundResources.shutdownNow();
+  }
+
+  @Override
+  public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException {
+    return backgroundResources.awaitTermination(duration, unit);
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStub.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStub.java
new file mode 100644
index 000000000000..89a200162784
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStub.java
@@ -0,0 +1,207 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1.stub;
+
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.networksecurity.v1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.OperationMetadata;
+import com.google.cloud.networksecurity.v1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest;
+import com.google.longrunning.Operation;
+import com.google.longrunning.stub.OperationsStub;
+import com.google.protobuf.Empty;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * Base stub class for the NetworkSecurity service API.
+ *
+ * <p>This class is for advanced usage and reflects the underlying API directly.
+ */
+@Generated("by gapic-generator-java")
+public abstract class NetworkSecurityStub implements BackgroundResource {
+
+  public OperationsStub getOperationsStub() {
+    throw new UnsupportedOperationException("Not implemented: getOperationsStub()");
+  }
+
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: listAuthorizationPoliciesPagedCallable()");
+  }
+
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable() {
+    throw new UnsupportedOperationException("Not implemented: listAuthorizationPoliciesCallable()");
+  }
+
+  public UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: getAuthorizationPolicyCallable()");
+  }
+
+  public OperationCallable<CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: createAuthorizationPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: createAuthorizationPolicyCallable()");
+  }
+
+  public OperationCallable<UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: updateAuthorizationPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: updateAuthorizationPolicyCallable()");
+  }
+
+  public OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: deleteAuthorizationPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: deleteAuthorizationPolicyCallable()");
+  }
+
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: listServerTlsPoliciesPagedCallable()");
+  }
+
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable() {
+    throw new UnsupportedOperationException("Not implemented: listServerTlsPoliciesCallable()");
+  }
+
+  public UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy> getServerTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: getServerTlsPolicyCallable()");
+  }
+
+  public OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: createServerTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<CreateServerTlsPolicyRequest, Operation> createServerTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: createServerTlsPolicyCallable()");
+  }
+
+  public OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: updateServerTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<UpdateServerTlsPolicyRequest, Operation> updateServerTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: updateServerTlsPolicyCallable()");
+  }
+
+  public OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: deleteServerTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<DeleteServerTlsPolicyRequest, Operation> deleteServerTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: deleteServerTlsPolicyCallable()");
+  }
+
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: listClientTlsPoliciesPagedCallable()");
+  }
+
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable() {
+    throw new UnsupportedOperationException("Not implemented: listClientTlsPoliciesCallable()");
+  }
+
+  public UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy> getClientTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: getClientTlsPolicyCallable()");
+  }
+
+  public OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: createClientTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<CreateClientTlsPolicyRequest, Operation> createClientTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: createClientTlsPolicyCallable()");
+  }
+
+  public OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: updateClientTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<UpdateClientTlsPolicyRequest, Operation> updateClientTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: updateClientTlsPolicyCallable()");
+  }
+
+  public OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable() {
+    throw new UnsupportedOperationException(
+        "Not implemented: deleteClientTlsPolicyOperationCallable()");
+  }
+
+  public UnaryCallable<DeleteClientTlsPolicyRequest, Operation> deleteClientTlsPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: deleteClientTlsPolicyCallable()");
+  }
+
+  @Override
+  public abstract void close();
+}
diff --git a/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStubSettings.java b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStubSettings.java
new file mode 100644
index 000000000000..d9c8897c4469
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1/stub/NetworkSecurityStubSettings.java
@@ -0,0 +1,1372 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1.stub;
+
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.core.ApiFunction;
+import com.google.api.core.ApiFuture;
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.GaxProperties;
+import com.google.api.gax.core.GoogleCredentialsProvider;
+import com.google.api.gax.core.InstantiatingExecutorProvider;
+import com.google.api.gax.grpc.GaxGrpcProperties;
+import com.google.api.gax.grpc.GrpcTransportChannel;
+import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
+import com.google.api.gax.grpc.ProtoOperationTransformers;
+import com.google.api.gax.longrunning.OperationSnapshot;
+import com.google.api.gax.longrunning.OperationTimedPollAlgorithm;
+import com.google.api.gax.retrying.RetrySettings;
+import com.google.api.gax.rpc.ApiCallContext;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.OperationCallSettings;
+import com.google.api.gax.rpc.PageContext;
+import com.google.api.gax.rpc.PagedCallSettings;
+import com.google.api.gax.rpc.PagedListDescriptor;
+import com.google.api.gax.rpc.PagedListResponseFactory;
+import com.google.api.gax.rpc.StatusCode;
+import com.google.api.gax.rpc.StubSettings;
+import com.google.api.gax.rpc.TransportChannelProvider;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.networksecurity.v1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1.OperationMetadata;
+import com.google.cloud.networksecurity.v1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Lists;
+import com.google.longrunning.Operation;
+import com.google.protobuf.Empty;
+import java.io.IOException;
+import java.util.List;
+import javax.annotation.Generated;
+import org.threeten.bp.Duration;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * Settings class to configure an instance of {@link NetworkSecurityStub}.
+ *
+ * <p>The default instance has everything set to sensible defaults:
+ *
+ * <ul>
+ *   <li>The default service address (networksecurity.googleapis.com) and default port (443) are
+ *       used.
+ *   <li>Credentials are acquired automatically through Application Default Credentials.
+ *   <li>Retries are configured for idempotent methods but not for non-idempotent methods.
+ * </ul>
+ *
+ * <p>The builder of this class is recursive, so contained classes are themselves builders. When
+ * build() is called, the tree of builders is called to create the complete settings object.
+ *
+ * <p>For example, to set the total timeout of getAuthorizationPolicy to 30 seconds:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * NetworkSecurityStubSettings.Builder networkSecuritySettingsBuilder =
+ *     NetworkSecurityStubSettings.newBuilder();
+ * networkSecuritySettingsBuilder
+ *     .getAuthorizationPolicySettings()
+ *     .setRetrySettings(
+ *         networkSecuritySettingsBuilder
+ *             .getAuthorizationPolicySettings()
+ *             .getRetrySettings()
+ *             .toBuilder()
+ *             .setTotalTimeout(Duration.ofSeconds(30))
+ *             .build());
+ * NetworkSecurityStubSettings networkSecuritySettings = networkSecuritySettingsBuilder.build();
+ * }</pre>
+ */
+@Generated("by gapic-generator-java")
+public class NetworkSecurityStubSettings extends StubSettings<NetworkSecurityStubSettings> {
+  /** The default scopes of the service. */
+  private static final ImmutableList<String> DEFAULT_SERVICE_SCOPES =
+      ImmutableList.<String>builder().add("https://www.googleapis.com/auth/cloud-platform").build();
+
+  private final PagedCallSettings<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesSettings;
+  private final UnaryCallSettings<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicySettings;
+  private final UnaryCallSettings<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicySettings;
+  private final OperationCallSettings<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationSettings;
+  private final UnaryCallSettings<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicySettings;
+  private final OperationCallSettings<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationSettings;
+  private final UnaryCallSettings<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicySettings;
+  private final OperationCallSettings<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationSettings;
+  private final PagedCallSettings<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesSettings;
+  private final UnaryCallSettings<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicySettings;
+  private final UnaryCallSettings<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicySettings;
+  private final OperationCallSettings<
+          CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationSettings;
+  private final UnaryCallSettings<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicySettings;
+  private final OperationCallSettings<
+          UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationSettings;
+  private final UnaryCallSettings<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicySettings;
+  private final OperationCallSettings<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationSettings;
+  private final PagedCallSettings<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesSettings;
+  private final UnaryCallSettings<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicySettings;
+  private final UnaryCallSettings<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicySettings;
+  private final OperationCallSettings<
+          CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationSettings;
+  private final UnaryCallSettings<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicySettings;
+  private final OperationCallSettings<
+          UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationSettings;
+  private final UnaryCallSettings<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicySettings;
+  private final OperationCallSettings<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationSettings;
+
+  private static final PagedListDescriptor<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse, AuthorizationPolicy>
+      LIST_AUTHORIZATION_POLICIES_PAGE_STR_DESC =
+          new PagedListDescriptor<
+              ListAuthorizationPoliciesRequest,
+              ListAuthorizationPoliciesResponse,
+              AuthorizationPolicy>() {
+            @Override
+            public String emptyToken() {
+              return "";
+            }
+
+            @Override
+            public ListAuthorizationPoliciesRequest injectToken(
+                ListAuthorizationPoliciesRequest payload, String token) {
+              return ListAuthorizationPoliciesRequest.newBuilder(payload)
+                  .setPageToken(token)
+                  .build();
+            }
+
+            @Override
+            public ListAuthorizationPoliciesRequest injectPageSize(
+                ListAuthorizationPoliciesRequest payload, int pageSize) {
+              return ListAuthorizationPoliciesRequest.newBuilder(payload)
+                  .setPageSize(pageSize)
+                  .build();
+            }
+
+            @Override
+            public Integer extractPageSize(ListAuthorizationPoliciesRequest payload) {
+              return payload.getPageSize();
+            }
+
+            @Override
+            public String extractNextToken(ListAuthorizationPoliciesResponse payload) {
+              return payload.getNextPageToken();
+            }
+
+            @Override
+            public Iterable<AuthorizationPolicy> extractResources(
+                ListAuthorizationPoliciesResponse payload) {
+              return payload.getAuthorizationPoliciesList() == null
+                  ? ImmutableList.<AuthorizationPolicy>of()
+                  : payload.getAuthorizationPoliciesList();
+            }
+          };
+
+  private static final PagedListDescriptor<
+          ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+      LIST_SERVER_TLS_POLICIES_PAGE_STR_DESC =
+          new PagedListDescriptor<
+              ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>() {
+            @Override
+            public String emptyToken() {
+              return "";
+            }
+
+            @Override
+            public ListServerTlsPoliciesRequest injectToken(
+                ListServerTlsPoliciesRequest payload, String token) {
+              return ListServerTlsPoliciesRequest.newBuilder(payload).setPageToken(token).build();
+            }
+
+            @Override
+            public ListServerTlsPoliciesRequest injectPageSize(
+                ListServerTlsPoliciesRequest payload, int pageSize) {
+              return ListServerTlsPoliciesRequest.newBuilder(payload).setPageSize(pageSize).build();
+            }
+
+            @Override
+            public Integer extractPageSize(ListServerTlsPoliciesRequest payload) {
+              return payload.getPageSize();
+            }
+
+            @Override
+            public String extractNextToken(ListServerTlsPoliciesResponse payload) {
+              return payload.getNextPageToken();
+            }
+
+            @Override
+            public Iterable<ServerTlsPolicy> extractResources(
+                ListServerTlsPoliciesResponse payload) {
+              return payload.getServerTlsPoliciesList() == null
+                  ? ImmutableList.<ServerTlsPolicy>of()
+                  : payload.getServerTlsPoliciesList();
+            }
+          };
+
+  private static final PagedListDescriptor<
+          ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+      LIST_CLIENT_TLS_POLICIES_PAGE_STR_DESC =
+          new PagedListDescriptor<
+              ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>() {
+            @Override
+            public String emptyToken() {
+              return "";
+            }
+
+            @Override
+            public ListClientTlsPoliciesRequest injectToken(
+                ListClientTlsPoliciesRequest payload, String token) {
+              return ListClientTlsPoliciesRequest.newBuilder(payload).setPageToken(token).build();
+            }
+
+            @Override
+            public ListClientTlsPoliciesRequest injectPageSize(
+                ListClientTlsPoliciesRequest payload, int pageSize) {
+              return ListClientTlsPoliciesRequest.newBuilder(payload).setPageSize(pageSize).build();
+            }
+
+            @Override
+            public Integer extractPageSize(ListClientTlsPoliciesRequest payload) {
+              return payload.getPageSize();
+            }
+
+            @Override
+            public String extractNextToken(ListClientTlsPoliciesResponse payload) {
+              return payload.getNextPageToken();
+            }
+
+            @Override
+            public Iterable<ClientTlsPolicy> extractResources(
+                ListClientTlsPoliciesResponse payload) {
+              return payload.getClientTlsPoliciesList() == null
+                  ? ImmutableList.<ClientTlsPolicy>of()
+                  : payload.getClientTlsPoliciesList();
+            }
+          };
+
+  private static final PagedListResponseFactory<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          ListAuthorizationPoliciesPagedResponse>
+      LIST_AUTHORIZATION_POLICIES_PAGE_STR_FACT =
+          new PagedListResponseFactory<
+              ListAuthorizationPoliciesRequest,
+              ListAuthorizationPoliciesResponse,
+              ListAuthorizationPoliciesPagedResponse>() {
+            @Override
+            public ApiFuture<ListAuthorizationPoliciesPagedResponse> getFuturePagedResponse(
+                UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+                    callable,
+                ListAuthorizationPoliciesRequest request,
+                ApiCallContext context,
+                ApiFuture<ListAuthorizationPoliciesResponse> futureResponse) {
+              PageContext<
+                      ListAuthorizationPoliciesRequest,
+                      ListAuthorizationPoliciesResponse,
+                      AuthorizationPolicy>
+                  pageContext =
+                      PageContext.create(
+                          callable, LIST_AUTHORIZATION_POLICIES_PAGE_STR_DESC, request, context);
+              return ListAuthorizationPoliciesPagedResponse.createAsync(
+                  pageContext, futureResponse);
+            }
+          };
+
+  private static final PagedListResponseFactory<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ListServerTlsPoliciesPagedResponse>
+      LIST_SERVER_TLS_POLICIES_PAGE_STR_FACT =
+          new PagedListResponseFactory<
+              ListServerTlsPoliciesRequest,
+              ListServerTlsPoliciesResponse,
+              ListServerTlsPoliciesPagedResponse>() {
+            @Override
+            public ApiFuture<ListServerTlsPoliciesPagedResponse> getFuturePagedResponse(
+                UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse> callable,
+                ListServerTlsPoliciesRequest request,
+                ApiCallContext context,
+                ApiFuture<ListServerTlsPoliciesResponse> futureResponse) {
+              PageContext<
+                      ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse, ServerTlsPolicy>
+                  pageContext =
+                      PageContext.create(
+                          callable, LIST_SERVER_TLS_POLICIES_PAGE_STR_DESC, request, context);
+              return ListServerTlsPoliciesPagedResponse.createAsync(pageContext, futureResponse);
+            }
+          };
+
+  private static final PagedListResponseFactory<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ListClientTlsPoliciesPagedResponse>
+      LIST_CLIENT_TLS_POLICIES_PAGE_STR_FACT =
+          new PagedListResponseFactory<
+              ListClientTlsPoliciesRequest,
+              ListClientTlsPoliciesResponse,
+              ListClientTlsPoliciesPagedResponse>() {
+            @Override
+            public ApiFuture<ListClientTlsPoliciesPagedResponse> getFuturePagedResponse(
+                UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse> callable,
+                ListClientTlsPoliciesRequest request,
+                ApiCallContext context,
+                ApiFuture<ListClientTlsPoliciesResponse> futureResponse) {
+              PageContext<
+                      ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse, ClientTlsPolicy>
+                  pageContext =
+                      PageContext.create(
+                          callable, LIST_CLIENT_TLS_POLICIES_PAGE_STR_DESC, request, context);
+              return ListClientTlsPoliciesPagedResponse.createAsync(pageContext, futureResponse);
+            }
+          };
+
+  /** Returns the object with the settings used for calls to listAuthorizationPolicies. */
+  public PagedCallSettings<
+          ListAuthorizationPoliciesRequest,
+          ListAuthorizationPoliciesResponse,
+          ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesSettings() {
+    return listAuthorizationPoliciesSettings;
+  }
+
+  /** Returns the object with the settings used for calls to getAuthorizationPolicy. */
+  public UnaryCallSettings<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicySettings() {
+    return getAuthorizationPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createAuthorizationPolicy. */
+  public UnaryCallSettings<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicySettings() {
+    return createAuthorizationPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createAuthorizationPolicy. */
+  public OperationCallSettings<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationSettings() {
+    return createAuthorizationPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateAuthorizationPolicy. */
+  public UnaryCallSettings<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicySettings() {
+    return updateAuthorizationPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateAuthorizationPolicy. */
+  public OperationCallSettings<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationSettings() {
+    return updateAuthorizationPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteAuthorizationPolicy. */
+  public UnaryCallSettings<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicySettings() {
+    return deleteAuthorizationPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteAuthorizationPolicy. */
+  public OperationCallSettings<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationSettings() {
+    return deleteAuthorizationPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to listServerTlsPolicies. */
+  public PagedCallSettings<
+          ListServerTlsPoliciesRequest,
+          ListServerTlsPoliciesResponse,
+          ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesSettings() {
+    return listServerTlsPoliciesSettings;
+  }
+
+  /** Returns the object with the settings used for calls to getServerTlsPolicy. */
+  public UnaryCallSettings<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicySettings() {
+    return getServerTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createServerTlsPolicy. */
+  public UnaryCallSettings<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicySettings() {
+    return createServerTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createServerTlsPolicy. */
+  public OperationCallSettings<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationSettings() {
+    return createServerTlsPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateServerTlsPolicy. */
+  public UnaryCallSettings<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicySettings() {
+    return updateServerTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateServerTlsPolicy. */
+  public OperationCallSettings<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationSettings() {
+    return updateServerTlsPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteServerTlsPolicy. */
+  public UnaryCallSettings<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicySettings() {
+    return deleteServerTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteServerTlsPolicy. */
+  public OperationCallSettings<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationSettings() {
+    return deleteServerTlsPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to listClientTlsPolicies. */
+  public PagedCallSettings<
+          ListClientTlsPoliciesRequest,
+          ListClientTlsPoliciesResponse,
+          ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesSettings() {
+    return listClientTlsPoliciesSettings;
+  }
+
+  /** Returns the object with the settings used for calls to getClientTlsPolicy. */
+  public UnaryCallSettings<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicySettings() {
+    return getClientTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createClientTlsPolicy. */
+  public UnaryCallSettings<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicySettings() {
+    return createClientTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to createClientTlsPolicy. */
+  public OperationCallSettings<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationSettings() {
+    return createClientTlsPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateClientTlsPolicy. */
+  public UnaryCallSettings<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicySettings() {
+    return updateClientTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to updateClientTlsPolicy. */
+  public OperationCallSettings<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationSettings() {
+    return updateClientTlsPolicyOperationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteClientTlsPolicy. */
+  public UnaryCallSettings<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicySettings() {
+    return deleteClientTlsPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to deleteClientTlsPolicy. */
+  public OperationCallSettings<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationSettings() {
+    return deleteClientTlsPolicyOperationSettings;
+  }
+
+  public NetworkSecurityStub createStub() throws IOException {
+    if (getTransportChannelProvider()
+        .getTransportName()
+        .equals(GrpcTransportChannel.getGrpcTransportName())) {
+      return GrpcNetworkSecurityStub.create(this);
+    }
+    throw new UnsupportedOperationException(
+        String.format(
+            "Transport not supported: %s", getTransportChannelProvider().getTransportName()));
+  }
+
+  /** Returns a builder for the default ExecutorProvider for this service. */
+  public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() {
+    return InstantiatingExecutorProvider.newBuilder();
+  }
+
+  /** Returns the default service endpoint. */
+  public static String getDefaultEndpoint() {
+    return "networksecurity.googleapis.com:443";
+  }
+
+  /** Returns the default mTLS service endpoint. */
+  public static String getDefaultMtlsEndpoint() {
+    return "networksecurity.mtls.googleapis.com:443";
+  }
+
+  /** Returns the default service scopes. */
+  public static List<String> getDefaultServiceScopes() {
+    return DEFAULT_SERVICE_SCOPES;
+  }
+
+  /** Returns a builder for the default credentials for this service. */
+  public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() {
+    return GoogleCredentialsProvider.newBuilder()
+        .setScopesToApply(DEFAULT_SERVICE_SCOPES)
+        .setUseJwtAccessWithScope(true);
+  }
+
+  /** Returns a builder for the default ChannelProvider for this service. */
+  public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
+    return InstantiatingGrpcChannelProvider.newBuilder()
+        .setMaxInboundMessageSize(Integer.MAX_VALUE);
+  }
+
+  public static TransportChannelProvider defaultTransportChannelProvider() {
+    return defaultGrpcTransportProviderBuilder().build();
+  }
+
+  @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
+  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+    return ApiClientHeaderProvider.newBuilder()
+        .setGeneratedLibToken(
+            "gapic", GaxProperties.getLibraryVersion(NetworkSecurityStubSettings.class))
+        .setTransportToken(
+            GaxGrpcProperties.getGrpcTokenName(), GaxGrpcProperties.getGrpcVersion());
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder() {
+    return Builder.createDefault();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder(ClientContext clientContext) {
+    return new Builder(clientContext);
+  }
+
+  /** Returns a builder containing all the values of this settings class. */
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  protected NetworkSecurityStubSettings(Builder settingsBuilder) throws IOException {
+    super(settingsBuilder);
+
+    listAuthorizationPoliciesSettings = settingsBuilder.listAuthorizationPoliciesSettings().build();
+    getAuthorizationPolicySettings = settingsBuilder.getAuthorizationPolicySettings().build();
+    createAuthorizationPolicySettings = settingsBuilder.createAuthorizationPolicySettings().build();
+    createAuthorizationPolicyOperationSettings =
+        settingsBuilder.createAuthorizationPolicyOperationSettings().build();
+    updateAuthorizationPolicySettings = settingsBuilder.updateAuthorizationPolicySettings().build();
+    updateAuthorizationPolicyOperationSettings =
+        settingsBuilder.updateAuthorizationPolicyOperationSettings().build();
+    deleteAuthorizationPolicySettings = settingsBuilder.deleteAuthorizationPolicySettings().build();
+    deleteAuthorizationPolicyOperationSettings =
+        settingsBuilder.deleteAuthorizationPolicyOperationSettings().build();
+    listServerTlsPoliciesSettings = settingsBuilder.listServerTlsPoliciesSettings().build();
+    getServerTlsPolicySettings = settingsBuilder.getServerTlsPolicySettings().build();
+    createServerTlsPolicySettings = settingsBuilder.createServerTlsPolicySettings().build();
+    createServerTlsPolicyOperationSettings =
+        settingsBuilder.createServerTlsPolicyOperationSettings().build();
+    updateServerTlsPolicySettings = settingsBuilder.updateServerTlsPolicySettings().build();
+    updateServerTlsPolicyOperationSettings =
+        settingsBuilder.updateServerTlsPolicyOperationSettings().build();
+    deleteServerTlsPolicySettings = settingsBuilder.deleteServerTlsPolicySettings().build();
+    deleteServerTlsPolicyOperationSettings =
+        settingsBuilder.deleteServerTlsPolicyOperationSettings().build();
+    listClientTlsPoliciesSettings = settingsBuilder.listClientTlsPoliciesSettings().build();
+    getClientTlsPolicySettings = settingsBuilder.getClientTlsPolicySettings().build();
+    createClientTlsPolicySettings = settingsBuilder.createClientTlsPolicySettings().build();
+    createClientTlsPolicyOperationSettings =
+        settingsBuilder.createClientTlsPolicyOperationSettings().build();
+    updateClientTlsPolicySettings = settingsBuilder.updateClientTlsPolicySettings().build();
+    updateClientTlsPolicyOperationSettings =
+        settingsBuilder.updateClientTlsPolicyOperationSettings().build();
+    deleteClientTlsPolicySettings = settingsBuilder.deleteClientTlsPolicySettings().build();
+    deleteClientTlsPolicyOperationSettings =
+        settingsBuilder.deleteClientTlsPolicyOperationSettings().build();
+  }
+
+  /** Builder for NetworkSecurityStubSettings. */
+  public static class Builder extends StubSettings.Builder<NetworkSecurityStubSettings, Builder> {
+    private final ImmutableList<UnaryCallSettings.Builder<?, ?>> unaryMethodSettingsBuilders;
+    private final PagedCallSettings.Builder<
+            ListAuthorizationPoliciesRequest,
+            ListAuthorizationPoliciesResponse,
+            ListAuthorizationPoliciesPagedResponse>
+        listAuthorizationPoliciesSettings;
+    private final UnaryCallSettings.Builder<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+        getAuthorizationPolicySettings;
+    private final UnaryCallSettings.Builder<CreateAuthorizationPolicyRequest, Operation>
+        createAuthorizationPolicySettings;
+    private final OperationCallSettings.Builder<
+            CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        createAuthorizationPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<UpdateAuthorizationPolicyRequest, Operation>
+        updateAuthorizationPolicySettings;
+    private final OperationCallSettings.Builder<
+            UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        updateAuthorizationPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<DeleteAuthorizationPolicyRequest, Operation>
+        deleteAuthorizationPolicySettings;
+    private final OperationCallSettings.Builder<
+            DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+        deleteAuthorizationPolicyOperationSettings;
+    private final PagedCallSettings.Builder<
+            ListServerTlsPoliciesRequest,
+            ListServerTlsPoliciesResponse,
+            ListServerTlsPoliciesPagedResponse>
+        listServerTlsPoliciesSettings;
+    private final UnaryCallSettings.Builder<GetServerTlsPolicyRequest, ServerTlsPolicy>
+        getServerTlsPolicySettings;
+    private final UnaryCallSettings.Builder<CreateServerTlsPolicyRequest, Operation>
+        createServerTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        createServerTlsPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<UpdateServerTlsPolicyRequest, Operation>
+        updateServerTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        updateServerTlsPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<DeleteServerTlsPolicyRequest, Operation>
+        deleteServerTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+        deleteServerTlsPolicyOperationSettings;
+    private final PagedCallSettings.Builder<
+            ListClientTlsPoliciesRequest,
+            ListClientTlsPoliciesResponse,
+            ListClientTlsPoliciesPagedResponse>
+        listClientTlsPoliciesSettings;
+    private final UnaryCallSettings.Builder<GetClientTlsPolicyRequest, ClientTlsPolicy>
+        getClientTlsPolicySettings;
+    private final UnaryCallSettings.Builder<CreateClientTlsPolicyRequest, Operation>
+        createClientTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        createClientTlsPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<UpdateClientTlsPolicyRequest, Operation>
+        updateClientTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        updateClientTlsPolicyOperationSettings;
+    private final UnaryCallSettings.Builder<DeleteClientTlsPolicyRequest, Operation>
+        deleteClientTlsPolicySettings;
+    private final OperationCallSettings.Builder<
+            DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+        deleteClientTlsPolicyOperationSettings;
+    private static final ImmutableMap<String, ImmutableSet<StatusCode.Code>>
+        RETRYABLE_CODE_DEFINITIONS;
+
+    static {
+      ImmutableMap.Builder<String, ImmutableSet<StatusCode.Code>> definitions =
+          ImmutableMap.builder();
+      definitions.put(
+          "no_retry_0_codes", ImmutableSet.copyOf(Lists.<StatusCode.Code>newArrayList()));
+      RETRYABLE_CODE_DEFINITIONS = definitions.build();
+    }
+
+    private static final ImmutableMap<String, RetrySettings> RETRY_PARAM_DEFINITIONS;
+
+    static {
+      ImmutableMap.Builder<String, RetrySettings> definitions = ImmutableMap.builder();
+      RetrySettings settings = null;
+      settings =
+          RetrySettings.newBuilder()
+              .setInitialRpcTimeout(Duration.ofMillis(60000L))
+              .setRpcTimeoutMultiplier(1.0)
+              .setMaxRpcTimeout(Duration.ofMillis(60000L))
+              .setTotalTimeout(Duration.ofMillis(60000L))
+              .build();
+      definitions.put("no_retry_0_params", settings);
+      RETRY_PARAM_DEFINITIONS = definitions.build();
+    }
+
+    protected Builder() {
+      this(((ClientContext) null));
+    }
+
+    protected Builder(ClientContext clientContext) {
+      super(clientContext);
+
+      listAuthorizationPoliciesSettings =
+          PagedCallSettings.newBuilder(LIST_AUTHORIZATION_POLICIES_PAGE_STR_FACT);
+      getAuthorizationPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createAuthorizationPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createAuthorizationPolicyOperationSettings = OperationCallSettings.newBuilder();
+      updateAuthorizationPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      updateAuthorizationPolicyOperationSettings = OperationCallSettings.newBuilder();
+      deleteAuthorizationPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      deleteAuthorizationPolicyOperationSettings = OperationCallSettings.newBuilder();
+      listServerTlsPoliciesSettings =
+          PagedCallSettings.newBuilder(LIST_SERVER_TLS_POLICIES_PAGE_STR_FACT);
+      getServerTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createServerTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createServerTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      updateServerTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      updateServerTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      deleteServerTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      deleteServerTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      listClientTlsPoliciesSettings =
+          PagedCallSettings.newBuilder(LIST_CLIENT_TLS_POLICIES_PAGE_STR_FACT);
+      getClientTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createClientTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      createClientTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      updateClientTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      updateClientTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      deleteClientTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      deleteClientTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+
+      unaryMethodSettingsBuilders =
+          ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
+              listAuthorizationPoliciesSettings,
+              getAuthorizationPolicySettings,
+              createAuthorizationPolicySettings,
+              updateAuthorizationPolicySettings,
+              deleteAuthorizationPolicySettings,
+              listServerTlsPoliciesSettings,
+              getServerTlsPolicySettings,
+              createServerTlsPolicySettings,
+              updateServerTlsPolicySettings,
+              deleteServerTlsPolicySettings,
+              listClientTlsPoliciesSettings,
+              getClientTlsPolicySettings,
+              createClientTlsPolicySettings,
+              updateClientTlsPolicySettings,
+              deleteClientTlsPolicySettings);
+      initDefaults(this);
+    }
+
+    protected Builder(NetworkSecurityStubSettings settings) {
+      super(settings);
+
+      listAuthorizationPoliciesSettings = settings.listAuthorizationPoliciesSettings.toBuilder();
+      getAuthorizationPolicySettings = settings.getAuthorizationPolicySettings.toBuilder();
+      createAuthorizationPolicySettings = settings.createAuthorizationPolicySettings.toBuilder();
+      createAuthorizationPolicyOperationSettings =
+          settings.createAuthorizationPolicyOperationSettings.toBuilder();
+      updateAuthorizationPolicySettings = settings.updateAuthorizationPolicySettings.toBuilder();
+      updateAuthorizationPolicyOperationSettings =
+          settings.updateAuthorizationPolicyOperationSettings.toBuilder();
+      deleteAuthorizationPolicySettings = settings.deleteAuthorizationPolicySettings.toBuilder();
+      deleteAuthorizationPolicyOperationSettings =
+          settings.deleteAuthorizationPolicyOperationSettings.toBuilder();
+      listServerTlsPoliciesSettings = settings.listServerTlsPoliciesSettings.toBuilder();
+      getServerTlsPolicySettings = settings.getServerTlsPolicySettings.toBuilder();
+      createServerTlsPolicySettings = settings.createServerTlsPolicySettings.toBuilder();
+      createServerTlsPolicyOperationSettings =
+          settings.createServerTlsPolicyOperationSettings.toBuilder();
+      updateServerTlsPolicySettings = settings.updateServerTlsPolicySettings.toBuilder();
+      updateServerTlsPolicyOperationSettings =
+          settings.updateServerTlsPolicyOperationSettings.toBuilder();
+      deleteServerTlsPolicySettings = settings.deleteServerTlsPolicySettings.toBuilder();
+      deleteServerTlsPolicyOperationSettings =
+          settings.deleteServerTlsPolicyOperationSettings.toBuilder();
+      listClientTlsPoliciesSettings = settings.listClientTlsPoliciesSettings.toBuilder();
+      getClientTlsPolicySettings = settings.getClientTlsPolicySettings.toBuilder();
+      createClientTlsPolicySettings = settings.createClientTlsPolicySettings.toBuilder();
+      createClientTlsPolicyOperationSettings =
+          settings.createClientTlsPolicyOperationSettings.toBuilder();
+      updateClientTlsPolicySettings = settings.updateClientTlsPolicySettings.toBuilder();
+      updateClientTlsPolicyOperationSettings =
+          settings.updateClientTlsPolicyOperationSettings.toBuilder();
+      deleteClientTlsPolicySettings = settings.deleteClientTlsPolicySettings.toBuilder();
+      deleteClientTlsPolicyOperationSettings =
+          settings.deleteClientTlsPolicyOperationSettings.toBuilder();
+
+      unaryMethodSettingsBuilders =
+          ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
+              listAuthorizationPoliciesSettings,
+              getAuthorizationPolicySettings,
+              createAuthorizationPolicySettings,
+              updateAuthorizationPolicySettings,
+              deleteAuthorizationPolicySettings,
+              listServerTlsPoliciesSettings,
+              getServerTlsPolicySettings,
+              createServerTlsPolicySettings,
+              updateServerTlsPolicySettings,
+              deleteServerTlsPolicySettings,
+              listClientTlsPoliciesSettings,
+              getClientTlsPolicySettings,
+              createClientTlsPolicySettings,
+              updateClientTlsPolicySettings,
+              deleteClientTlsPolicySettings);
+    }
+
+    private static Builder createDefault() {
+      Builder builder = new Builder(((ClientContext) null));
+
+      builder.setTransportChannelProvider(defaultTransportChannelProvider());
+      builder.setCredentialsProvider(defaultCredentialsProviderBuilder().build());
+      builder.setInternalHeaderProvider(defaultApiClientHeaderProviderBuilder().build());
+      builder.setEndpoint(getDefaultEndpoint());
+      builder.setMtlsEndpoint(getDefaultMtlsEndpoint());
+      builder.setSwitchToMtlsEndpointAllowed(true);
+
+      return initDefaults(builder);
+    }
+
+    private static Builder initDefaults(Builder builder) {
+      builder
+          .listAuthorizationPoliciesSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .getAuthorizationPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .createAuthorizationPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .updateAuthorizationPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .deleteAuthorizationPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .listServerTlsPoliciesSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .getServerTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .createServerTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .updateServerTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .deleteServerTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .listClientTlsPoliciesSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .getClientTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .createClientTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .updateClientTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .deleteClientTlsPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .createAuthorizationPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<CreateAuthorizationPolicyRequest, OperationSnapshot>
+                      newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(AuthorizationPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .updateAuthorizationPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<UpdateAuthorizationPolicyRequest, OperationSnapshot>
+                      newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(AuthorizationPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .deleteAuthorizationPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<DeleteAuthorizationPolicyRequest, OperationSnapshot>
+                      newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(Empty.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .createServerTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<CreateServerTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(ServerTlsPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .updateServerTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<UpdateServerTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(ServerTlsPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .deleteServerTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<DeleteServerTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(Empty.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .createClientTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<CreateClientTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(ClientTlsPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .updateClientTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<UpdateClientTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(ClientTlsPolicy.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      builder
+          .deleteClientTlsPolicyOperationSettings()
+          .setInitialCallSettings(
+              UnaryCallSettings
+                  .<DeleteClientTlsPolicyRequest, OperationSnapshot>newUnaryCallSettingsBuilder()
+                  .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+                  .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"))
+                  .build())
+          .setResponseTransformer(
+              ProtoOperationTransformers.ResponseTransformer.create(Empty.class))
+          .setMetadataTransformer(
+              ProtoOperationTransformers.MetadataTransformer.create(OperationMetadata.class))
+          .setPollingAlgorithm(
+              OperationTimedPollAlgorithm.create(
+                  RetrySettings.newBuilder()
+                      .setInitialRetryDelay(Duration.ofMillis(5000L))
+                      .setRetryDelayMultiplier(1.5)
+                      .setMaxRetryDelay(Duration.ofMillis(45000L))
+                      .setInitialRpcTimeout(Duration.ZERO)
+                      .setRpcTimeoutMultiplier(1.0)
+                      .setMaxRpcTimeout(Duration.ZERO)
+                      .setTotalTimeout(Duration.ofMillis(300000L))
+                      .build()));
+
+      return builder;
+    }
+
+    /**
+     * Applies the given settings updater function to all of the unary API methods in this service.
+     *
+     * <p>Note: This method does not support applying settings to streaming methods.
+     */
+    public Builder applyToAllUnaryMethods(
+        ApiFunction<UnaryCallSettings.Builder<?, ?>, Void> settingsUpdater) {
+      super.applyToAllUnaryMethods(unaryMethodSettingsBuilders, settingsUpdater);
+      return this;
+    }
+
+    public ImmutableList<UnaryCallSettings.Builder<?, ?>> unaryMethodSettingsBuilders() {
+      return unaryMethodSettingsBuilders;
+    }
+
+    /** Returns the builder for the settings used for calls to listAuthorizationPolicies. */
+    public PagedCallSettings.Builder<
+            ListAuthorizationPoliciesRequest,
+            ListAuthorizationPoliciesResponse,
+            ListAuthorizationPoliciesPagedResponse>
+        listAuthorizationPoliciesSettings() {
+      return listAuthorizationPoliciesSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to getAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+        getAuthorizationPolicySettings() {
+      return getAuthorizationPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<CreateAuthorizationPolicyRequest, Operation>
+        createAuthorizationPolicySettings() {
+      return createAuthorizationPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createAuthorizationPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        createAuthorizationPolicyOperationSettings() {
+      return createAuthorizationPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<UpdateAuthorizationPolicyRequest, Operation>
+        updateAuthorizationPolicySettings() {
+      return updateAuthorizationPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateAuthorizationPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+        updateAuthorizationPolicyOperationSettings() {
+      return updateAuthorizationPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteAuthorizationPolicy. */
+    public UnaryCallSettings.Builder<DeleteAuthorizationPolicyRequest, Operation>
+        deleteAuthorizationPolicySettings() {
+      return deleteAuthorizationPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteAuthorizationPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+        deleteAuthorizationPolicyOperationSettings() {
+      return deleteAuthorizationPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to listServerTlsPolicies. */
+    public PagedCallSettings.Builder<
+            ListServerTlsPoliciesRequest,
+            ListServerTlsPoliciesResponse,
+            ListServerTlsPoliciesPagedResponse>
+        listServerTlsPoliciesSettings() {
+      return listServerTlsPoliciesSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to getServerTlsPolicy. */
+    public UnaryCallSettings.Builder<GetServerTlsPolicyRequest, ServerTlsPolicy>
+        getServerTlsPolicySettings() {
+      return getServerTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createServerTlsPolicy. */
+    public UnaryCallSettings.Builder<CreateServerTlsPolicyRequest, Operation>
+        createServerTlsPolicySettings() {
+      return createServerTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createServerTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        createServerTlsPolicyOperationSettings() {
+      return createServerTlsPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateServerTlsPolicy. */
+    public UnaryCallSettings.Builder<UpdateServerTlsPolicyRequest, Operation>
+        updateServerTlsPolicySettings() {
+      return updateServerTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateServerTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+        updateServerTlsPolicyOperationSettings() {
+      return updateServerTlsPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteServerTlsPolicy. */
+    public UnaryCallSettings.Builder<DeleteServerTlsPolicyRequest, Operation>
+        deleteServerTlsPolicySettings() {
+      return deleteServerTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteServerTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+        deleteServerTlsPolicyOperationSettings() {
+      return deleteServerTlsPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to listClientTlsPolicies. */
+    public PagedCallSettings.Builder<
+            ListClientTlsPoliciesRequest,
+            ListClientTlsPoliciesResponse,
+            ListClientTlsPoliciesPagedResponse>
+        listClientTlsPoliciesSettings() {
+      return listClientTlsPoliciesSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to getClientTlsPolicy. */
+    public UnaryCallSettings.Builder<GetClientTlsPolicyRequest, ClientTlsPolicy>
+        getClientTlsPolicySettings() {
+      return getClientTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createClientTlsPolicy. */
+    public UnaryCallSettings.Builder<CreateClientTlsPolicyRequest, Operation>
+        createClientTlsPolicySettings() {
+      return createClientTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to createClientTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        createClientTlsPolicyOperationSettings() {
+      return createClientTlsPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateClientTlsPolicy. */
+    public UnaryCallSettings.Builder<UpdateClientTlsPolicyRequest, Operation>
+        updateClientTlsPolicySettings() {
+      return updateClientTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to updateClientTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<
+            UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+        updateClientTlsPolicyOperationSettings() {
+      return updateClientTlsPolicyOperationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteClientTlsPolicy. */
+    public UnaryCallSettings.Builder<DeleteClientTlsPolicyRequest, Operation>
+        deleteClientTlsPolicySettings() {
+      return deleteClientTlsPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to deleteClientTlsPolicy. */
+    @BetaApi(
+        "The surface for use by generated code is not stable yet and may change in the future.")
+    public OperationCallSettings.Builder<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+        deleteClientTlsPolicyOperationSettings() {
+      return deleteClientTlsPolicyOperationSettings;
+    }
+
+    @Override
+    public NetworkSecurityStubSettings build() throws IOException {
+      return new NetworkSecurityStubSettings(this);
+    }
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurity.java b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurity.java
new file mode 100644
index 000000000000..c26d247efabe
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurity.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.ServerServiceDefinition;
+import java.util.List;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockNetworkSecurity implements MockGrpcService {
+  private final MockNetworkSecurityImpl serviceImpl;
+
+  public MockNetworkSecurity() {
+    serviceImpl = new MockNetworkSecurityImpl();
+  }
+
+  @Override
+  public List<AbstractMessage> getRequests() {
+    return serviceImpl.getRequests();
+  }
+
+  @Override
+  public void addResponse(AbstractMessage response) {
+    serviceImpl.addResponse(response);
+  }
+
+  @Override
+  public void addException(Exception exception) {
+    serviceImpl.addException(exception);
+  }
+
+  @Override
+  public ServerServiceDefinition getServiceDefinition() {
+    return serviceImpl.bindService();
+  }
+
+  @Override
+  public void reset() {
+    serviceImpl.reset();
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurityImpl.java b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurityImpl.java
new file mode 100644
index 000000000000..ead812b01db6
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/MockNetworkSecurityImpl.java
@@ -0,0 +1,379 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.core.BetaApi;
+import com.google.cloud.networksecurity.v1.NetworkSecurityGrpc.NetworkSecurityImplBase;
+import com.google.longrunning.Operation;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.stub.StreamObserver;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Queue;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockNetworkSecurityImpl extends NetworkSecurityImplBase {
+  private List<AbstractMessage> requests;
+  private Queue<Object> responses;
+
+  public MockNetworkSecurityImpl() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  public List<AbstractMessage> getRequests() {
+    return requests;
+  }
+
+  public void addResponse(AbstractMessage response) {
+    responses.add(response);
+  }
+
+  public void setResponses(List<AbstractMessage> responses) {
+    this.responses = new LinkedList<Object>(responses);
+  }
+
+  public void addException(Exception exception) {
+    responses.add(exception);
+  }
+
+  public void reset() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  @Override
+  public void listAuthorizationPolicies(
+      ListAuthorizationPoliciesRequest request,
+      StreamObserver<ListAuthorizationPoliciesResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ListAuthorizationPoliciesResponse) {
+      requests.add(request);
+      responseObserver.onNext(((ListAuthorizationPoliciesResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method ListAuthorizationPolicies, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ListAuthorizationPoliciesResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void getAuthorizationPolicy(
+      GetAuthorizationPolicyRequest request, StreamObserver<AuthorizationPolicy> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof AuthorizationPolicy) {
+      requests.add(request);
+      responseObserver.onNext(((AuthorizationPolicy) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method GetAuthorizationPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  AuthorizationPolicy.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void createAuthorizationPolicy(
+      CreateAuthorizationPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method CreateAuthorizationPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void updateAuthorizationPolicy(
+      UpdateAuthorizationPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method UpdateAuthorizationPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void deleteAuthorizationPolicy(
+      DeleteAuthorizationPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method DeleteAuthorizationPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void listServerTlsPolicies(
+      ListServerTlsPoliciesRequest request,
+      StreamObserver<ListServerTlsPoliciesResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ListServerTlsPoliciesResponse) {
+      requests.add(request);
+      responseObserver.onNext(((ListServerTlsPoliciesResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method ListServerTlsPolicies, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ListServerTlsPoliciesResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void getServerTlsPolicy(
+      GetServerTlsPolicyRequest request, StreamObserver<ServerTlsPolicy> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ServerTlsPolicy) {
+      requests.add(request);
+      responseObserver.onNext(((ServerTlsPolicy) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method GetServerTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ServerTlsPolicy.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void createServerTlsPolicy(
+      CreateServerTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method CreateServerTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void updateServerTlsPolicy(
+      UpdateServerTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method UpdateServerTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void deleteServerTlsPolicy(
+      DeleteServerTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method DeleteServerTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void listClientTlsPolicies(
+      ListClientTlsPoliciesRequest request,
+      StreamObserver<ListClientTlsPoliciesResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ListClientTlsPoliciesResponse) {
+      requests.add(request);
+      responseObserver.onNext(((ListClientTlsPoliciesResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method ListClientTlsPolicies, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ListClientTlsPoliciesResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void getClientTlsPolicy(
+      GetClientTlsPolicyRequest request, StreamObserver<ClientTlsPolicy> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ClientTlsPolicy) {
+      requests.add(request);
+      responseObserver.onNext(((ClientTlsPolicy) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method GetClientTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ClientTlsPolicy.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void createClientTlsPolicy(
+      CreateClientTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method CreateClientTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void updateClientTlsPolicy(
+      UpdateClientTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method UpdateClientTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void deleteClientTlsPolicy(
+      DeleteClientTlsPolicyRequest request, StreamObserver<Operation> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Operation) {
+      requests.add(request);
+      responseObserver.onNext(((Operation) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method DeleteClientTlsPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Operation.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+}
diff --git a/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/NetworkSecurityClientTest.java b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/NetworkSecurityClientTest.java
new file mode 100644
index 000000000000..13ae4ff48e8b
--- /dev/null
+++ b/java-network-security/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1/NetworkSecurityClientTest.java
@@ -0,0 +1,1463 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.gax.core.NoCredentialsProvider;
+import com.google.api.gax.grpc.GaxGrpcProperties;
+import com.google.api.gax.grpc.testing.LocalChannelProvider;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.api.gax.grpc.testing.MockServiceHelper;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.InvalidArgumentException;
+import com.google.api.gax.rpc.StatusCode;
+import com.google.common.collect.Lists;
+import com.google.longrunning.Operation;
+import com.google.protobuf.AbstractMessage;
+import com.google.protobuf.Any;
+import com.google.protobuf.Empty;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.Timestamp;
+import io.grpc.StatusRuntimeException;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.UUID;
+import java.util.concurrent.ExecutionException;
+import javax.annotation.Generated;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+@Generated("by gapic-generator-java")
+public class NetworkSecurityClientTest {
+  private static MockNetworkSecurity mockNetworkSecurity;
+  private static MockServiceHelper mockServiceHelper;
+  private LocalChannelProvider channelProvider;
+  private NetworkSecurityClient client;
+
+  @BeforeClass
+  public static void startStaticServer() {
+    mockNetworkSecurity = new MockNetworkSecurity();
+    mockServiceHelper =
+        new MockServiceHelper(
+            UUID.randomUUID().toString(), Arrays.<MockGrpcService>asList(mockNetworkSecurity));
+    mockServiceHelper.start();
+  }
+
+  @AfterClass
+  public static void stopServer() {
+    mockServiceHelper.stop();
+  }
+
+  @Before
+  public void setUp() throws IOException {
+    mockServiceHelper.reset();
+    channelProvider = mockServiceHelper.createChannelProvider();
+    NetworkSecuritySettings settings =
+        NetworkSecuritySettings.newBuilder()
+            .setTransportChannelProvider(channelProvider)
+            .setCredentialsProvider(NoCredentialsProvider.create())
+            .build();
+    client = NetworkSecurityClient.create(settings);
+  }
+
+  @After
+  public void tearDown() throws Exception {
+    client.close();
+  }
+
+  @Test
+  public void listAuthorizationPoliciesTest() throws Exception {
+    AuthorizationPolicy responsesElement = AuthorizationPolicy.newBuilder().build();
+    ListAuthorizationPoliciesResponse expectedResponse =
+        ListAuthorizationPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllAuthorizationPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListAuthorizationPoliciesPagedResponse pagedListResponse =
+        client.listAuthorizationPolicies(parent);
+
+    List<AuthorizationPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getAuthorizationPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListAuthorizationPoliciesRequest actualRequest =
+        ((ListAuthorizationPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listAuthorizationPoliciesExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listAuthorizationPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listAuthorizationPoliciesTest2() throws Exception {
+    AuthorizationPolicy responsesElement = AuthorizationPolicy.newBuilder().build();
+    ListAuthorizationPoliciesResponse expectedResponse =
+        ListAuthorizationPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllAuthorizationPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String parent = "parent-995424086";
+
+    ListAuthorizationPoliciesPagedResponse pagedListResponse =
+        client.listAuthorizationPolicies(parent);
+
+    List<AuthorizationPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getAuthorizationPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListAuthorizationPoliciesRequest actualRequest =
+        ((ListAuthorizationPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listAuthorizationPoliciesExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      client.listAuthorizationPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    AuthorizationPolicyName name =
+        AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+
+    AuthorizationPolicy actualResponse = client.getAuthorizationPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetAuthorizationPolicyRequest actualRequest =
+        ((GetAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getAuthorizationPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      client.getAuthorizationPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getAuthorizationPolicyTest2() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String name = "name3373707";
+
+    AuthorizationPolicy actualResponse = client.getAuthorizationPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetAuthorizationPolicyRequest actualRequest =
+        ((GetAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getAuthorizationPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.getAuthorizationPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+    String authorizationPolicyId = "authorizationPolicyId1314252166";
+
+    AuthorizationPolicy actualResponse =
+        client
+            .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+            .get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateAuthorizationPolicyRequest actualRequest =
+        ((CreateAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertEquals(authorizationPolicy, actualRequest.getAuthorizationPolicy());
+    Assert.assertEquals(authorizationPolicyId, actualRequest.getAuthorizationPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createAuthorizationPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      client
+          .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+          .get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void createAuthorizationPolicyTest2() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String parent = "parent-995424086";
+    AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+    String authorizationPolicyId = "authorizationPolicyId1314252166";
+
+    AuthorizationPolicy actualResponse =
+        client
+            .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+            .get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateAuthorizationPolicyRequest actualRequest =
+        ((CreateAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertEquals(authorizationPolicy, actualRequest.getAuthorizationPolicy());
+    Assert.assertEquals(authorizationPolicyId, actualRequest.getAuthorizationPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createAuthorizationPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      client
+          .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+          .get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void updateAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    AuthorizationPolicy actualResponse =
+        client.updateAuthorizationPolicyAsync(authorizationPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    UpdateAuthorizationPolicyRequest actualRequest =
+        ((UpdateAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(authorizationPolicy, actualRequest.getAuthorizationPolicy());
+    Assert.assertEquals(updateMask, actualRequest.getUpdateMask());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void updateAuthorizationPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateAuthorizationPolicyAsync(authorizationPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    AuthorizationPolicyName name =
+        AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+
+    client.deleteAuthorizationPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteAuthorizationPolicyRequest actualRequest =
+        ((DeleteAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      client.deleteAuthorizationPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String name = "name3373707";
+
+    client.deleteAuthorizationPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteAuthorizationPolicyRequest actualRequest =
+        ((DeleteAuthorizationPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.deleteAuthorizationPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void listServerTlsPoliciesTest() throws Exception {
+    ServerTlsPolicy responsesElement = ServerTlsPolicy.newBuilder().build();
+    ListServerTlsPoliciesResponse expectedResponse =
+        ListServerTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllServerTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListServerTlsPoliciesPagedResponse pagedListResponse = client.listServerTlsPolicies(parent);
+
+    List<ServerTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getServerTlsPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListServerTlsPoliciesRequest actualRequest =
+        ((ListServerTlsPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listServerTlsPoliciesExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listServerTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listServerTlsPoliciesTest2() throws Exception {
+    ServerTlsPolicy responsesElement = ServerTlsPolicy.newBuilder().build();
+    ListServerTlsPoliciesResponse expectedResponse =
+        ListServerTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllServerTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String parent = "parent-995424086";
+
+    ListServerTlsPoliciesPagedResponse pagedListResponse = client.listServerTlsPolicies(parent);
+
+    List<ServerTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getServerTlsPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListServerTlsPoliciesRequest actualRequest =
+        ((ListServerTlsPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listServerTlsPoliciesExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      client.listServerTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    ServerTlsPolicyName name =
+        ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+
+    ServerTlsPolicy actualResponse = client.getServerTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetServerTlsPolicyRequest actualRequest = ((GetServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getServerTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      client.getServerTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getServerTlsPolicyTest2() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String name = "name3373707";
+
+    ServerTlsPolicy actualResponse = client.getServerTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetServerTlsPolicyRequest actualRequest = ((GetServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getServerTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.getServerTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+    String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+
+    ServerTlsPolicy actualResponse =
+        client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateServerTlsPolicyRequest actualRequest =
+        ((CreateServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertEquals(serverTlsPolicy, actualRequest.getServerTlsPolicy());
+    Assert.assertEquals(serverTlsPolicyId, actualRequest.getServerTlsPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createServerTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void createServerTlsPolicyTest2() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String parent = "parent-995424086";
+    ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+    String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+
+    ServerTlsPolicy actualResponse =
+        client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateServerTlsPolicyRequest actualRequest =
+        ((CreateServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertEquals(serverTlsPolicy, actualRequest.getServerTlsPolicy());
+    Assert.assertEquals(serverTlsPolicyId, actualRequest.getServerTlsPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createServerTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void updateServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    ServerTlsPolicy actualResponse =
+        client.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    UpdateServerTlsPolicyRequest actualRequest =
+        ((UpdateServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(serverTlsPolicy, actualRequest.getServerTlsPolicy());
+    Assert.assertEquals(updateMask, actualRequest.getUpdateMask());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void updateServerTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteServerTlsPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    ServerTlsPolicyName name =
+        ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+
+    client.deleteServerTlsPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteServerTlsPolicyRequest actualRequest =
+        ((DeleteServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteServerTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      client.deleteServerTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteServerTlsPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String name = "name3373707";
+
+    client.deleteServerTlsPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteServerTlsPolicyRequest actualRequest =
+        ((DeleteServerTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteServerTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.deleteServerTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void listClientTlsPoliciesTest() throws Exception {
+    ClientTlsPolicy responsesElement = ClientTlsPolicy.newBuilder().build();
+    ListClientTlsPoliciesResponse expectedResponse =
+        ListClientTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllClientTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListClientTlsPoliciesPagedResponse pagedListResponse = client.listClientTlsPolicies(parent);
+
+    List<ClientTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getClientTlsPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListClientTlsPoliciesRequest actualRequest =
+        ((ListClientTlsPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listClientTlsPoliciesExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listClientTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listClientTlsPoliciesTest2() throws Exception {
+    ClientTlsPolicy responsesElement = ClientTlsPolicy.newBuilder().build();
+    ListClientTlsPoliciesResponse expectedResponse =
+        ListClientTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllClientTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String parent = "parent-995424086";
+
+    ListClientTlsPoliciesPagedResponse pagedListResponse = client.listClientTlsPolicies(parent);
+
+    List<ClientTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getClientTlsPoliciesList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListClientTlsPoliciesRequest actualRequest =
+        ((ListClientTlsPoliciesRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listClientTlsPoliciesExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      client.listClientTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    ClientTlsPolicyName name =
+        ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+
+    ClientTlsPolicy actualResponse = client.getClientTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetClientTlsPolicyRequest actualRequest = ((GetClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getClientTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      client.getClientTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getClientTlsPolicyTest2() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    mockNetworkSecurity.addResponse(expectedResponse);
+
+    String name = "name3373707";
+
+    ClientTlsPolicy actualResponse = client.getClientTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetClientTlsPolicyRequest actualRequest = ((GetClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getClientTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.getClientTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+    String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+
+    ClientTlsPolicy actualResponse =
+        client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateClientTlsPolicyRequest actualRequest =
+        ((CreateClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent.toString(), actualRequest.getParent());
+    Assert.assertEquals(clientTlsPolicy, actualRequest.getClientTlsPolicy());
+    Assert.assertEquals(clientTlsPolicyId, actualRequest.getClientTlsPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createClientTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void createClientTlsPolicyTest2() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String parent = "parent-995424086";
+    ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+    String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+
+    ClientTlsPolicy actualResponse =
+        client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    CreateClientTlsPolicyRequest actualRequest =
+        ((CreateClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(parent, actualRequest.getParent());
+    Assert.assertEquals(clientTlsPolicy, actualRequest.getClientTlsPolicy());
+    Assert.assertEquals(clientTlsPolicyId, actualRequest.getClientTlsPolicyId());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void createClientTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String parent = "parent-995424086";
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void updateClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    ClientTlsPolicy actualResponse =
+        client.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    UpdateClientTlsPolicyRequest actualRequest =
+        ((UpdateClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(clientTlsPolicy, actualRequest.getClientTlsPolicy());
+    Assert.assertEquals(updateMask, actualRequest.getUpdateMask());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void updateClientTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteClientTlsPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    ClientTlsPolicyName name =
+        ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+
+    client.deleteClientTlsPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteClientTlsPolicyRequest actualRequest =
+        ((DeleteClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name.toString(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteClientTlsPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      client.deleteClientTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+
+  @Test
+  public void deleteClientTlsPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockNetworkSecurity.addResponse(resultOperation);
+
+    String name = "name3373707";
+
+    client.deleteClientTlsPolicyAsync(name).get();
+
+    List<AbstractMessage> actualRequests = mockNetworkSecurity.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    DeleteClientTlsPolicyRequest actualRequest =
+        ((DeleteClientTlsPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(name, actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void deleteClientTlsPolicyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockNetworkSecurity.addException(exception);
+
+    try {
+      String name = "name3373707";
+      client.deleteClientTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+      Assert.assertEquals(InvalidArgumentException.class, e.getCause().getClass());
+      InvalidArgumentException apiException = ((InvalidArgumentException) e.getCause());
+      Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
+    }
+  }
+}
diff --git a/java-network-security/grpc-google-cloud-network-security-v1/pom.xml b/java-network-security/grpc-google-cloud-network-security-v1/pom.xml
new file mode 100644
index 000000000000..6edf2cdad164
--- /dev/null
+++ b/java-network-security/grpc-google-cloud-network-security-v1/pom.xml
@@ -0,0 +1,69 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>com.google.api.grpc</groupId>
+  <artifactId>grpc-google-cloud-network-security-v1</artifactId>
+  <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-network-security-v1:current} -->
+  <name>grpc-google-cloud-network-security-v1</name>
+  <description>GRPC library for google-cloud-network-security</description>
+  <parent>
+    <groupId>com.google.cloud</groupId>
+    <artifactId>google-cloud-network-security-parent</artifactId>
+    <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:google-cloud-network-security:current} -->
+  </parent>
+  <dependencies>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-stub</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-protobuf</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.protobuf</groupId>
+      <artifactId>protobuf-java</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-common-protos</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-cloud-network-security-v1</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+  </dependencies>
+
+  <profiles>
+    <profile>
+      <id>java9</id>
+      <activation>
+        <jdk>[9,)</jdk>
+      </activation>
+      <dependencies>
+        <dependency>
+          <groupId>javax.annotation</groupId>
+          <artifactId>javax.annotation-api</artifactId>
+        </dependency>
+      </dependencies>
+    </profile>
+  </profiles>
+
+  <build>
+    <plugins>
+      <plugin>
+          <groupId>org.codehaus.mojo</groupId>
+          <artifactId>flatten-maven-plugin</artifactId>
+        </plugin>
+    </plugins>
+  </build>
+</project>
\ No newline at end of file
diff --git a/java-network-security/grpc-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityGrpc.java b/java-network-security/grpc-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityGrpc.java
new file mode 100644
index 000000000000..d32cae5f056f
--- /dev/null
+++ b/java-network-security/grpc-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityGrpc.java
@@ -0,0 +1,2088 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.networksecurity.v1;
+
+import static io.grpc.MethodDescriptor.generateFullMethodName;
+
+/**
+ *
+ *
+ * <pre>
+ * Network Security API provides resources to configure authentication and
+ * authorization policies. Refer to per API resource documentation for more
+ * information.
+ * </pre>
+ */
+@javax.annotation.Generated(
+    value = "by gRPC proto compiler",
+    comments = "Source: google/cloud/networksecurity/v1/network_security.proto")
+@io.grpc.stub.annotations.GrpcGenerated
+public final class NetworkSecurityGrpc {
+
+  private NetworkSecurityGrpc() {}
+
+  public static final String SERVICE_NAME = "google.cloud.networksecurity.v1.NetworkSecurity";
+
+  // Static method descriptors that strictly reflect the proto.
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+      getListAuthorizationPoliciesMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "ListAuthorizationPolicies",
+      requestType = com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+      getListAuthorizationPoliciesMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest,
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+        getListAuthorizationPoliciesMethod;
+    if ((getListAuthorizationPoliciesMethod =
+            NetworkSecurityGrpc.getListAuthorizationPoliciesMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getListAuthorizationPoliciesMethod =
+                NetworkSecurityGrpc.getListAuthorizationPoliciesMethod)
+            == null) {
+          NetworkSecurityGrpc.getListAuthorizationPoliciesMethod =
+              getListAuthorizationPoliciesMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest,
+                          com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "ListAuthorizationPolicies"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("ListAuthorizationPolicies"))
+                      .build();
+        }
+      }
+    }
+    return getListAuthorizationPoliciesMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+      getGetAuthorizationPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "GetAuthorizationPolicy",
+      requestType = com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.AuthorizationPolicy.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+      getGetAuthorizationPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+        getGetAuthorizationPolicyMethod;
+    if ((getGetAuthorizationPolicyMethod = NetworkSecurityGrpc.getGetAuthorizationPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getGetAuthorizationPolicyMethod = NetworkSecurityGrpc.getGetAuthorizationPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getGetAuthorizationPolicyMethod =
+              getGetAuthorizationPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest,
+                          com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "GetAuthorizationPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.AuthorizationPolicy
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("GetAuthorizationPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getGetAuthorizationPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateAuthorizationPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "CreateAuthorizationPolicy",
+      requestType = com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateAuthorizationPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest,
+            com.google.longrunning.Operation>
+        getCreateAuthorizationPolicyMethod;
+    if ((getCreateAuthorizationPolicyMethod =
+            NetworkSecurityGrpc.getCreateAuthorizationPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getCreateAuthorizationPolicyMethod =
+                NetworkSecurityGrpc.getCreateAuthorizationPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getCreateAuthorizationPolicyMethod =
+              getCreateAuthorizationPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "CreateAuthorizationPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("CreateAuthorizationPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getCreateAuthorizationPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateAuthorizationPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "UpdateAuthorizationPolicy",
+      requestType = com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateAuthorizationPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest,
+            com.google.longrunning.Operation>
+        getUpdateAuthorizationPolicyMethod;
+    if ((getUpdateAuthorizationPolicyMethod =
+            NetworkSecurityGrpc.getUpdateAuthorizationPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getUpdateAuthorizationPolicyMethod =
+                NetworkSecurityGrpc.getUpdateAuthorizationPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getUpdateAuthorizationPolicyMethod =
+              getUpdateAuthorizationPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "UpdateAuthorizationPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("UpdateAuthorizationPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getUpdateAuthorizationPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteAuthorizationPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "DeleteAuthorizationPolicy",
+      requestType = com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteAuthorizationPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest,
+            com.google.longrunning.Operation>
+        getDeleteAuthorizationPolicyMethod;
+    if ((getDeleteAuthorizationPolicyMethod =
+            NetworkSecurityGrpc.getDeleteAuthorizationPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getDeleteAuthorizationPolicyMethod =
+                NetworkSecurityGrpc.getDeleteAuthorizationPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getDeleteAuthorizationPolicyMethod =
+              getDeleteAuthorizationPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "DeleteAuthorizationPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("DeleteAuthorizationPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getDeleteAuthorizationPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+      getListServerTlsPoliciesMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "ListServerTlsPolicies",
+      requestType = com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+      getListServerTlsPoliciesMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest,
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+        getListServerTlsPoliciesMethod;
+    if ((getListServerTlsPoliciesMethod = NetworkSecurityGrpc.getListServerTlsPoliciesMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getListServerTlsPoliciesMethod = NetworkSecurityGrpc.getListServerTlsPoliciesMethod)
+            == null) {
+          NetworkSecurityGrpc.getListServerTlsPoliciesMethod =
+              getListServerTlsPoliciesMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest,
+                          com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "ListServerTlsPolicies"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("ListServerTlsPolicies"))
+                      .build();
+        }
+      }
+    }
+    return getListServerTlsPoliciesMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest,
+          com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+      getGetServerTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "GetServerTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.ServerTlsPolicy.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest,
+          com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+      getGetServerTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+        getGetServerTlsPolicyMethod;
+    if ((getGetServerTlsPolicyMethod = NetworkSecurityGrpc.getGetServerTlsPolicyMethod) == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getGetServerTlsPolicyMethod = NetworkSecurityGrpc.getGetServerTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getGetServerTlsPolicyMethod =
+              getGetServerTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest,
+                          com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(generateFullMethodName(SERVICE_NAME, "GetServerTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ServerTlsPolicy
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("GetServerTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getGetServerTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateServerTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "CreateServerTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateServerTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getCreateServerTlsPolicyMethod;
+    if ((getCreateServerTlsPolicyMethod = NetworkSecurityGrpc.getCreateServerTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getCreateServerTlsPolicyMethod = NetworkSecurityGrpc.getCreateServerTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getCreateServerTlsPolicyMethod =
+              getCreateServerTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "CreateServerTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("CreateServerTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getCreateServerTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateServerTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "UpdateServerTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateServerTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getUpdateServerTlsPolicyMethod;
+    if ((getUpdateServerTlsPolicyMethod = NetworkSecurityGrpc.getUpdateServerTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getUpdateServerTlsPolicyMethod = NetworkSecurityGrpc.getUpdateServerTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getUpdateServerTlsPolicyMethod =
+              getUpdateServerTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "UpdateServerTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("UpdateServerTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getUpdateServerTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteServerTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "DeleteServerTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteServerTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getDeleteServerTlsPolicyMethod;
+    if ((getDeleteServerTlsPolicyMethod = NetworkSecurityGrpc.getDeleteServerTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getDeleteServerTlsPolicyMethod = NetworkSecurityGrpc.getDeleteServerTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getDeleteServerTlsPolicyMethod =
+              getDeleteServerTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "DeleteServerTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("DeleteServerTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getDeleteServerTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+      getListClientTlsPoliciesMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "ListClientTlsPolicies",
+      requestType = com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest,
+          com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+      getListClientTlsPoliciesMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest,
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+        getListClientTlsPoliciesMethod;
+    if ((getListClientTlsPoliciesMethod = NetworkSecurityGrpc.getListClientTlsPoliciesMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getListClientTlsPoliciesMethod = NetworkSecurityGrpc.getListClientTlsPoliciesMethod)
+            == null) {
+          NetworkSecurityGrpc.getListClientTlsPoliciesMethod =
+              getListClientTlsPoliciesMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest,
+                          com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "ListClientTlsPolicies"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("ListClientTlsPolicies"))
+                      .build();
+        }
+      }
+    }
+    return getListClientTlsPoliciesMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest,
+          com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+      getGetClientTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "GetClientTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.class,
+      responseType = com.google.cloud.networksecurity.v1.ClientTlsPolicy.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest,
+          com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+      getGetClientTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+        getGetClientTlsPolicyMethod;
+    if ((getGetClientTlsPolicyMethod = NetworkSecurityGrpc.getGetClientTlsPolicyMethod) == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getGetClientTlsPolicyMethod = NetworkSecurityGrpc.getGetClientTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getGetClientTlsPolicyMethod =
+              getGetClientTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest,
+                          com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(generateFullMethodName(SERVICE_NAME, "GetClientTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.ClientTlsPolicy
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("GetClientTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getGetClientTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateClientTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "CreateClientTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getCreateClientTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getCreateClientTlsPolicyMethod;
+    if ((getCreateClientTlsPolicyMethod = NetworkSecurityGrpc.getCreateClientTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getCreateClientTlsPolicyMethod = NetworkSecurityGrpc.getCreateClientTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getCreateClientTlsPolicyMethod =
+              getCreateClientTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "CreateClientTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("CreateClientTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getCreateClientTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateClientTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "UpdateClientTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getUpdateClientTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getUpdateClientTlsPolicyMethod;
+    if ((getUpdateClientTlsPolicyMethod = NetworkSecurityGrpc.getUpdateClientTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getUpdateClientTlsPolicyMethod = NetworkSecurityGrpc.getUpdateClientTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getUpdateClientTlsPolicyMethod =
+              getUpdateClientTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "UpdateClientTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("UpdateClientTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getUpdateClientTlsPolicyMethod;
+  }
+
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteClientTlsPolicyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "DeleteClientTlsPolicy",
+      requestType = com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.class,
+      responseType = com.google.longrunning.Operation.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest,
+          com.google.longrunning.Operation>
+      getDeleteClientTlsPolicyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest,
+            com.google.longrunning.Operation>
+        getDeleteClientTlsPolicyMethod;
+    if ((getDeleteClientTlsPolicyMethod = NetworkSecurityGrpc.getDeleteClientTlsPolicyMethod)
+        == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        if ((getDeleteClientTlsPolicyMethod = NetworkSecurityGrpc.getDeleteClientTlsPolicyMethod)
+            == null) {
+          NetworkSecurityGrpc.getDeleteClientTlsPolicyMethod =
+              getDeleteClientTlsPolicyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest,
+                          com.google.longrunning.Operation>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "DeleteClientTlsPolicy"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.longrunning.Operation.getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new NetworkSecurityMethodDescriptorSupplier("DeleteClientTlsPolicy"))
+                      .build();
+        }
+      }
+    }
+    return getDeleteClientTlsPolicyMethod;
+  }
+
+  /** Creates a new async stub that supports all call types for the service */
+  public static NetworkSecurityStub newStub(io.grpc.Channel channel) {
+    io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityStub> factory =
+        new io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityStub>() {
+          @java.lang.Override
+          public NetworkSecurityStub newStub(
+              io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+            return new NetworkSecurityStub(channel, callOptions);
+          }
+        };
+    return NetworkSecurityStub.newStub(factory, channel);
+  }
+
+  /**
+   * Creates a new blocking-style stub that supports unary and streaming output calls on the service
+   */
+  public static NetworkSecurityBlockingStub newBlockingStub(io.grpc.Channel channel) {
+    io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityBlockingStub> factory =
+        new io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityBlockingStub>() {
+          @java.lang.Override
+          public NetworkSecurityBlockingStub newStub(
+              io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+            return new NetworkSecurityBlockingStub(channel, callOptions);
+          }
+        };
+    return NetworkSecurityBlockingStub.newStub(factory, channel);
+  }
+
+  /** Creates a new ListenableFuture-style stub that supports unary calls on the service */
+  public static NetworkSecurityFutureStub newFutureStub(io.grpc.Channel channel) {
+    io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityFutureStub> factory =
+        new io.grpc.stub.AbstractStub.StubFactory<NetworkSecurityFutureStub>() {
+          @java.lang.Override
+          public NetworkSecurityFutureStub newStub(
+              io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+            return new NetworkSecurityFutureStub(channel, callOptions);
+          }
+        };
+    return NetworkSecurityFutureStub.newStub(factory, channel);
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * Network Security API provides resources to configure authentication and
+   * authorization policies. Refer to per API resource documentation for more
+   * information.
+   * </pre>
+   */
+  public abstract static class NetworkSecurityImplBase implements io.grpc.BindableService {
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists AuthorizationPolicies in a given project and location.
+     * </pre>
+     */
+    public void listAuthorizationPolicies(
+        com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getListAuthorizationPoliciesMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void getAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getGetAuthorizationPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new AuthorizationPolicy in a given project and location.
+     * </pre>
+     */
+    public void createAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getCreateAuthorizationPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void updateAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getUpdateAuthorizationPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void deleteAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getDeleteAuthorizationPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ServerTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public void listServerTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getListServerTlsPoliciesMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void getServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getGetServerTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ServerTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public void createServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getCreateServerTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void updateServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getUpdateServerTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void deleteServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getDeleteServerTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ClientTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public void listClientTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getListClientTlsPoliciesMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void getClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getGetClientTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ClientTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public void createClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getCreateClientTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void updateClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getUpdateClientTlsPolicyMethod(), responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void deleteClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getDeleteClientTlsPolicyMethod(), responseObserver);
+    }
+
+    @java.lang.Override
+    public final io.grpc.ServerServiceDefinition bindService() {
+      return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
+          .addMethod(
+              getListAuthorizationPoliciesMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest,
+                      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>(
+                      this, METHODID_LIST_AUTHORIZATION_POLICIES)))
+          .addMethod(
+              getGetAuthorizationPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest,
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy>(
+                      this, METHODID_GET_AUTHORIZATION_POLICY)))
+          .addMethod(
+              getCreateAuthorizationPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest,
+                      com.google.longrunning.Operation>(
+                      this, METHODID_CREATE_AUTHORIZATION_POLICY)))
+          .addMethod(
+              getUpdateAuthorizationPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest,
+                      com.google.longrunning.Operation>(
+                      this, METHODID_UPDATE_AUTHORIZATION_POLICY)))
+          .addMethod(
+              getDeleteAuthorizationPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest,
+                      com.google.longrunning.Operation>(
+                      this, METHODID_DELETE_AUTHORIZATION_POLICY)))
+          .addMethod(
+              getListServerTlsPoliciesMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest,
+                      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>(
+                      this, METHODID_LIST_SERVER_TLS_POLICIES)))
+          .addMethod(
+              getGetServerTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest,
+                      com.google.cloud.networksecurity.v1.ServerTlsPolicy>(
+                      this, METHODID_GET_SERVER_TLS_POLICY)))
+          .addMethod(
+              getCreateServerTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_CREATE_SERVER_TLS_POLICY)))
+          .addMethod(
+              getUpdateServerTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_UPDATE_SERVER_TLS_POLICY)))
+          .addMethod(
+              getDeleteServerTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_DELETE_SERVER_TLS_POLICY)))
+          .addMethod(
+              getListClientTlsPoliciesMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest,
+                      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>(
+                      this, METHODID_LIST_CLIENT_TLS_POLICIES)))
+          .addMethod(
+              getGetClientTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest,
+                      com.google.cloud.networksecurity.v1.ClientTlsPolicy>(
+                      this, METHODID_GET_CLIENT_TLS_POLICY)))
+          .addMethod(
+              getCreateClientTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_CREATE_CLIENT_TLS_POLICY)))
+          .addMethod(
+              getUpdateClientTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_UPDATE_CLIENT_TLS_POLICY)))
+          .addMethod(
+              getDeleteClientTlsPolicyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest,
+                      com.google.longrunning.Operation>(this, METHODID_DELETE_CLIENT_TLS_POLICY)))
+          .build();
+    }
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * Network Security API provides resources to configure authentication and
+   * authorization policies. Refer to per API resource documentation for more
+   * information.
+   * </pre>
+   */
+  public static final class NetworkSecurityStub
+      extends io.grpc.stub.AbstractAsyncStub<NetworkSecurityStub> {
+    private NetworkSecurityStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected NetworkSecurityStub build(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      return new NetworkSecurityStub(channel, callOptions);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists AuthorizationPolicies in a given project and location.
+     * </pre>
+     */
+    public void listAuthorizationPolicies(
+        com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getListAuthorizationPoliciesMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void getAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getGetAuthorizationPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new AuthorizationPolicy in a given project and location.
+     * </pre>
+     */
+    public void createAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getCreateAuthorizationPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void updateAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getUpdateAuthorizationPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single AuthorizationPolicy.
+     * </pre>
+     */
+    public void deleteAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getDeleteAuthorizationPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ServerTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public void listServerTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getListServerTlsPoliciesMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void getServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getGetServerTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ServerTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public void createServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getCreateServerTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void updateServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getUpdateServerTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ServerTlsPolicy.
+     * </pre>
+     */
+    public void deleteServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getDeleteServerTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ClientTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public void listClientTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getListClientTlsPoliciesMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void getClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getGetClientTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ClientTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public void createClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getCreateClientTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void updateClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getUpdateClientTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ClientTlsPolicy.
+     * </pre>
+     */
+    public void deleteClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest request,
+        io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getDeleteClientTlsPolicyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * Network Security API provides resources to configure authentication and
+   * authorization policies. Refer to per API resource documentation for more
+   * information.
+   * </pre>
+   */
+  public static final class NetworkSecurityBlockingStub
+      extends io.grpc.stub.AbstractBlockingStub<NetworkSecurityBlockingStub> {
+    private NetworkSecurityBlockingStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected NetworkSecurityBlockingStub build(
+        io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      return new NetworkSecurityBlockingStub(channel, callOptions);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists AuthorizationPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+        listAuthorizationPolicies(
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getListAuthorizationPoliciesMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getGetAuthorizationPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new AuthorizationPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.longrunning.Operation createAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getCreateAuthorizationPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation updateAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getUpdateAuthorizationPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation deleteAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getDeleteAuthorizationPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ServerTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse listServerTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getListServerTlsPoliciesMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getGetServerTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ServerTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.longrunning.Operation createServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getCreateServerTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation updateServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getUpdateServerTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation deleteServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getDeleteServerTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ClientTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse listClientTlsPolicies(
+        com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getListClientTlsPoliciesMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getGetClientTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ClientTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.longrunning.Operation createClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getCreateClientTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation updateClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getUpdateClientTlsPolicyMethod(), getCallOptions(), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.longrunning.Operation deleteClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getDeleteClientTlsPolicyMethod(), getCallOptions(), request);
+    }
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * Network Security API provides resources to configure authentication and
+   * authorization policies. Refer to per API resource documentation for more
+   * information.
+   * </pre>
+   */
+  public static final class NetworkSecurityFutureStub
+      extends io.grpc.stub.AbstractFutureStub<NetworkSecurityFutureStub> {
+    private NetworkSecurityFutureStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected NetworkSecurityFutureStub build(
+        io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+      return new NetworkSecurityFutureStub(channel, callOptions);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists AuthorizationPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>
+        listAuthorizationPolicies(
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getListAuthorizationPoliciesMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+        getAuthorizationPolicy(
+            com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getGetAuthorizationPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new AuthorizationPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        createAuthorizationPolicy(
+            com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getCreateAuthorizationPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        updateAuthorizationPolicy(
+            com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getUpdateAuthorizationPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single AuthorizationPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        deleteAuthorizationPolicy(
+            com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getDeleteAuthorizationPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ServerTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>
+        listServerTlsPolicies(
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getListServerTlsPoliciesMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+        getServerTlsPolicy(com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getGetServerTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ServerTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        createServerTlsPolicy(
+            com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getCreateServerTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        updateServerTlsPolicy(
+            com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getUpdateServerTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ServerTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        deleteServerTlsPolicy(
+            com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getDeleteServerTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Lists ClientTlsPolicies in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>
+        listClientTlsPolicies(
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getListClientTlsPoliciesMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Gets details of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+        getClientTlsPolicy(com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getGetClientTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Creates a new ClientTlsPolicy in a given project and location.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        createClientTlsPolicy(
+            com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getCreateClientTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Updates the parameters of a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        updateClientTlsPolicy(
+            com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getUpdateClientTlsPolicyMethod(), getCallOptions()), request);
+    }
+
+    /**
+     *
+     *
+     * <pre>
+     * Deletes a single ClientTlsPolicy.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.longrunning.Operation>
+        deleteClientTlsPolicy(
+            com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getDeleteClientTlsPolicyMethod(), getCallOptions()), request);
+    }
+  }
+
+  private static final int METHODID_LIST_AUTHORIZATION_POLICIES = 0;
+  private static final int METHODID_GET_AUTHORIZATION_POLICY = 1;
+  private static final int METHODID_CREATE_AUTHORIZATION_POLICY = 2;
+  private static final int METHODID_UPDATE_AUTHORIZATION_POLICY = 3;
+  private static final int METHODID_DELETE_AUTHORIZATION_POLICY = 4;
+  private static final int METHODID_LIST_SERVER_TLS_POLICIES = 5;
+  private static final int METHODID_GET_SERVER_TLS_POLICY = 6;
+  private static final int METHODID_CREATE_SERVER_TLS_POLICY = 7;
+  private static final int METHODID_UPDATE_SERVER_TLS_POLICY = 8;
+  private static final int METHODID_DELETE_SERVER_TLS_POLICY = 9;
+  private static final int METHODID_LIST_CLIENT_TLS_POLICIES = 10;
+  private static final int METHODID_GET_CLIENT_TLS_POLICY = 11;
+  private static final int METHODID_CREATE_CLIENT_TLS_POLICY = 12;
+  private static final int METHODID_UPDATE_CLIENT_TLS_POLICY = 13;
+  private static final int METHODID_DELETE_CLIENT_TLS_POLICY = 14;
+
+  private static final class MethodHandlers<Req, Resp>
+      implements io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
+    private final NetworkSecurityImplBase serviceImpl;
+    private final int methodId;
+
+    MethodHandlers(NetworkSecurityImplBase serviceImpl, int methodId) {
+      this.serviceImpl = serviceImpl;
+      this.methodId = methodId;
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        case METHODID_LIST_AUTHORIZATION_POLICIES:
+          serviceImpl.listAuthorizationPolicies(
+              (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse>)
+                  responseObserver);
+          break;
+        case METHODID_GET_AUTHORIZATION_POLICY:
+          serviceImpl.getAuthorizationPolicy(
+              (com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.AuthorizationPolicy>)
+                  responseObserver);
+          break;
+        case METHODID_CREATE_AUTHORIZATION_POLICY:
+          serviceImpl.createAuthorizationPolicy(
+              (com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_UPDATE_AUTHORIZATION_POLICY:
+          serviceImpl.updateAuthorizationPolicy(
+              (com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_DELETE_AUTHORIZATION_POLICY:
+          serviceImpl.deleteAuthorizationPolicy(
+              (com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_LIST_SERVER_TLS_POLICIES:
+          serviceImpl.listServerTlsPolicies(
+              (com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse>)
+                  responseObserver);
+          break;
+        case METHODID_GET_SERVER_TLS_POLICY:
+          serviceImpl.getServerTlsPolicy(
+              (com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ServerTlsPolicy>)
+                  responseObserver);
+          break;
+        case METHODID_CREATE_SERVER_TLS_POLICY:
+          serviceImpl.createServerTlsPolicy(
+              (com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_UPDATE_SERVER_TLS_POLICY:
+          serviceImpl.updateServerTlsPolicy(
+              (com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_DELETE_SERVER_TLS_POLICY:
+          serviceImpl.deleteServerTlsPolicy(
+              (com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_LIST_CLIENT_TLS_POLICIES:
+          serviceImpl.listClientTlsPolicies(
+              (com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse>)
+                  responseObserver);
+          break;
+        case METHODID_GET_CLIENT_TLS_POLICY:
+          serviceImpl.getClientTlsPolicy(
+              (com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.networksecurity.v1.ClientTlsPolicy>)
+                  responseObserver);
+          break;
+        case METHODID_CREATE_CLIENT_TLS_POLICY:
+          serviceImpl.createClientTlsPolicy(
+              (com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_UPDATE_CLIENT_TLS_POLICY:
+          serviceImpl.updateClientTlsPolicy(
+              (com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        case METHODID_DELETE_CLIENT_TLS_POLICY:
+          serviceImpl.deleteClientTlsPolicy(
+              (com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.longrunning.Operation>) responseObserver);
+          break;
+        default:
+          throw new AssertionError();
+      }
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public io.grpc.stub.StreamObserver<Req> invoke(
+        io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        default:
+          throw new AssertionError();
+      }
+    }
+  }
+
+  private abstract static class NetworkSecurityBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoFileDescriptorSupplier,
+          io.grpc.protobuf.ProtoServiceDescriptorSupplier {
+    NetworkSecurityBaseDescriptorSupplier() {}
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() {
+      return com.google.cloud.networksecurity.v1.NetworkSecurityOuterClass.getDescriptor();
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() {
+      return getFileDescriptor().findServiceByName("NetworkSecurity");
+    }
+  }
+
+  private static final class NetworkSecurityFileDescriptorSupplier
+      extends NetworkSecurityBaseDescriptorSupplier {
+    NetworkSecurityFileDescriptorSupplier() {}
+  }
+
+  private static final class NetworkSecurityMethodDescriptorSupplier
+      extends NetworkSecurityBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoMethodDescriptorSupplier {
+    private final String methodName;
+
+    NetworkSecurityMethodDescriptorSupplier(String methodName) {
+      this.methodName = methodName;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() {
+      return getServiceDescriptor().findMethodByName(methodName);
+    }
+  }
+
+  private static volatile io.grpc.ServiceDescriptor serviceDescriptor;
+
+  public static io.grpc.ServiceDescriptor getServiceDescriptor() {
+    io.grpc.ServiceDescriptor result = serviceDescriptor;
+    if (result == null) {
+      synchronized (NetworkSecurityGrpc.class) {
+        result = serviceDescriptor;
+        if (result == null) {
+          serviceDescriptor =
+              result =
+                  io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
+                      .setSchemaDescriptor(new NetworkSecurityFileDescriptorSupplier())
+                      .addMethod(getListAuthorizationPoliciesMethod())
+                      .addMethod(getGetAuthorizationPolicyMethod())
+                      .addMethod(getCreateAuthorizationPolicyMethod())
+                      .addMethod(getUpdateAuthorizationPolicyMethod())
+                      .addMethod(getDeleteAuthorizationPolicyMethod())
+                      .addMethod(getListServerTlsPoliciesMethod())
+                      .addMethod(getGetServerTlsPolicyMethod())
+                      .addMethod(getCreateServerTlsPolicyMethod())
+                      .addMethod(getUpdateServerTlsPolicyMethod())
+                      .addMethod(getDeleteServerTlsPolicyMethod())
+                      .addMethod(getListClientTlsPoliciesMethod())
+                      .addMethod(getGetClientTlsPolicyMethod())
+                      .addMethod(getCreateClientTlsPolicyMethod())
+                      .addMethod(getUpdateClientTlsPolicyMethod())
+                      .addMethod(getDeleteClientTlsPolicyMethod())
+                      .build();
+        }
+      }
+    }
+    return result;
+  }
+}
diff --git a/java-network-security/pom.xml b/java-network-security/pom.xml
index 796061740456..a2ef4fe5bb78 100644
--- a/java-network-security/pom.xml
+++ b/java-network-security/pom.xml
@@ -71,6 +71,16 @@
         <artifactId>google-cloud-network-security</artifactId>
         <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:google-cloud-network-security:current} -->
       </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>proto-google-cloud-network-security-v1</artifactId>
+        <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:proto-google-cloud-network-security-v1:current} -->
+      </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>grpc-google-cloud-network-security-v1</artifactId>
+        <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-network-security-v1:current} -->
+      </dependency>
       <dependency>
         <groupId>com.google.api.grpc</groupId>
         <artifactId>grpc-google-cloud-network-security-v1beta1</artifactId>
@@ -112,7 +122,9 @@
   <modules>
     <module>google-cloud-network-security</module>
     <module>grpc-google-cloud-network-security-v1beta1</module>
+    <module>grpc-google-cloud-network-security-v1</module>
     <module>proto-google-cloud-network-security-v1beta1</module>
+    <module>proto-google-cloud-network-security-v1</module>
     <module>google-cloud-network-security-bom</module>
   </modules>
 
diff --git a/java-network-security/proto-google-cloud-network-security-v1/clirr-ignored-differences.xml b/java-network-security/proto-google-cloud-network-security-v1/clirr-ignored-differences.xml
new file mode 100644
index 000000000000..fa9ab1440dc1
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/clirr-ignored-differences.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- see http://www.mojohaus.org/clirr-maven-plugin/examples/ignored-differences.html -->
+<differences>
+  <difference>
+    <differenceType>7012</differenceType>
+    <className>com/google/cloud/networksecurity/v1/*OrBuilder</className>
+    <method>* get*(*)</method>
+  </difference>
+  <difference>
+    <differenceType>7012</differenceType>
+    <className>com/google/cloud/networksecurity/v1/*OrBuilder</className>
+    <method>boolean contains*(*)</method>
+  </difference>
+  <difference>
+    <differenceType>7012</differenceType>
+    <className>com/google/cloud/networksecurity/v1/*OrBuilder</className>
+    <method>boolean has*(*)</method>
+  </difference>
+</differences>
diff --git a/java-network-security/proto-google-cloud-network-security-v1/pom.xml b/java-network-security/proto-google-cloud-network-security-v1/pom.xml
new file mode 100644
index 000000000000..601ec36e554d
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/pom.xml
@@ -0,0 +1,42 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>com.google.api.grpc</groupId>
+  <artifactId>proto-google-cloud-network-security-v1</artifactId>
+  <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:proto-google-cloud-network-security-v1:current} -->
+  <name>proto-google-cloud-network-security-v1</name>
+  <description>Proto library for google-cloud-network-security</description>
+  <parent>
+    <groupId>com.google.cloud</groupId>
+    <artifactId>google-cloud-network-security-parent</artifactId>
+    <version>0.5.2-SNAPSHOT</version><!-- {x-version-update:google-cloud-network-security:current} -->
+  </parent>
+  <dependencies>
+    <dependency>
+      <groupId>com.google.protobuf</groupId>
+      <artifactId>protobuf-java</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-common-protos</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api</groupId>
+      <artifactId>api-common</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+          <groupId>org.codehaus.mojo</groupId>
+          <artifactId>flatten-maven-plugin</artifactId>
+        </plugin>
+    </plugins>
+  </build>
+</project>
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicy.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicy.java
new file mode 100644
index 000000000000..0f4d9c5d0429
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicy.java
@@ -0,0 +1,9033 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * AuthorizationPolicy is a resource that specifies how a server
+ * should authorize incoming connections. This resource in itself does
+ * not change the configuration unless it's attached to a target https
+ * proxy or endpoint config selector resource.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy}
+ */
+public final class AuthorizationPolicy extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.AuthorizationPolicy)
+    AuthorizationPolicyOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use AuthorizationPolicy.newBuilder() to construct.
+  private AuthorizationPolicy(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private AuthorizationPolicy() {
+    name_ = "";
+    description_ = "";
+    action_ = 0;
+    rules_ = java.util.Collections.emptyList();
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new AuthorizationPolicy();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private AuthorizationPolicy(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              description_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (createTime_ != null) {
+                subBuilder = createTime_.toBuilder();
+              }
+              createTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(createTime_);
+                createTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 34:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (updateTime_ != null) {
+                subBuilder = updateTime_.toBuilder();
+              }
+              updateTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateTime_);
+                updateTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 42:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                labels_ =
+                    com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+                mutable_bitField0_ |= 0x00000001;
+              }
+              com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+                  input.readMessage(
+                      LabelsDefaultEntryHolder.defaultEntry.getParserForType(), extensionRegistry);
+              labels_.getMutableMap().put(labels__.getKey(), labels__.getValue());
+              break;
+            }
+          case 48:
+            {
+              int rawValue = input.readEnum();
+
+              action_ = rawValue;
+              break;
+            }
+          case 58:
+            {
+              if (!((mutable_bitField0_ & 0x00000002) != 0)) {
+                rules_ =
+                    new java.util.ArrayList<
+                        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule>();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              rules_.add(
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.parser(),
+                      extensionRegistry));
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) != 0)) {
+        rules_ = java.util.Collections.unmodifiableList(rules_);
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor;
+  }
+
+  @SuppressWarnings({"rawtypes"})
+  @java.lang.Override
+  protected com.google.protobuf.MapField internalGetMapField(int number) {
+    switch (number) {
+      case 5:
+        return internalGetLabels();
+      default:
+        throw new RuntimeException("Invalid map field number: " + number);
+    }
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.class,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder.class);
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * Possible values that define what action to take.
+   * </pre>
+   *
+   * Protobuf enum {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Action}
+   */
+  public enum Action implements com.google.protobuf.ProtocolMessageEnum {
+    /**
+     *
+     *
+     * <pre>
+     * Default value.
+     * </pre>
+     *
+     * <code>ACTION_UNSPECIFIED = 0;</code>
+     */
+    ACTION_UNSPECIFIED(0),
+    /**
+     *
+     *
+     * <pre>
+     * Grant access.
+     * </pre>
+     *
+     * <code>ALLOW = 1;</code>
+     */
+    ALLOW(1),
+    /**
+     *
+     *
+     * <pre>
+     * Deny access.
+     * Deny rules should be avoided unless they are used to provide a default
+     * "deny all" fallback.
+     * </pre>
+     *
+     * <code>DENY = 2;</code>
+     */
+    DENY(2),
+    UNRECOGNIZED(-1),
+    ;
+
+    /**
+     *
+     *
+     * <pre>
+     * Default value.
+     * </pre>
+     *
+     * <code>ACTION_UNSPECIFIED = 0;</code>
+     */
+    public static final int ACTION_UNSPECIFIED_VALUE = 0;
+    /**
+     *
+     *
+     * <pre>
+     * Grant access.
+     * </pre>
+     *
+     * <code>ALLOW = 1;</code>
+     */
+    public static final int ALLOW_VALUE = 1;
+    /**
+     *
+     *
+     * <pre>
+     * Deny access.
+     * Deny rules should be avoided unless they are used to provide a default
+     * "deny all" fallback.
+     * </pre>
+     *
+     * <code>DENY = 2;</code>
+     */
+    public static final int DENY_VALUE = 2;
+
+    public final int getNumber() {
+      if (this == UNRECOGNIZED) {
+        throw new java.lang.IllegalArgumentException(
+            "Can't get the number of an unknown enum value.");
+      }
+      return value;
+    }
+
+    /**
+     * @param value The numeric wire value of the corresponding enum entry.
+     * @return The enum associated with the given numeric wire value.
+     * @deprecated Use {@link #forNumber(int)} instead.
+     */
+    @java.lang.Deprecated
+    public static Action valueOf(int value) {
+      return forNumber(value);
+    }
+
+    /**
+     * @param value The numeric wire value of the corresponding enum entry.
+     * @return The enum associated with the given numeric wire value.
+     */
+    public static Action forNumber(int value) {
+      switch (value) {
+        case 0:
+          return ACTION_UNSPECIFIED;
+        case 1:
+          return ALLOW;
+        case 2:
+          return DENY;
+        default:
+          return null;
+      }
+    }
+
+    public static com.google.protobuf.Internal.EnumLiteMap<Action> internalGetValueMap() {
+      return internalValueMap;
+    }
+
+    private static final com.google.protobuf.Internal.EnumLiteMap<Action> internalValueMap =
+        new com.google.protobuf.Internal.EnumLiteMap<Action>() {
+          public Action findValueByNumber(int number) {
+            return Action.forNumber(number);
+          }
+        };
+
+    public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor() {
+      if (this == UNRECOGNIZED) {
+        throw new java.lang.IllegalStateException(
+            "Can't get the descriptor of an unrecognized enum value.");
+      }
+      return getDescriptor().getValues().get(ordinal());
+    }
+
+    public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType() {
+      return getDescriptor();
+    }
+
+    public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDescriptor()
+          .getEnumTypes()
+          .get(0);
+    }
+
+    private static final Action[] VALUES = values();
+
+    public static Action valueOf(com.google.protobuf.Descriptors.EnumValueDescriptor desc) {
+      if (desc.getType() != getDescriptor()) {
+        throw new java.lang.IllegalArgumentException("EnumValueDescriptor is not for this type.");
+      }
+      if (desc.getIndex() == -1) {
+        return UNRECOGNIZED;
+      }
+      return VALUES[desc.getIndex()];
+    }
+
+    private final int value;
+
+    private Action(int value) {
+      this.value = value;
+    }
+
+    // @@protoc_insertion_point(enum_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Action)
+  }
+
+  public interface RuleOrBuilder
+      extends
+      // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+      com.google.protobuf.MessageOrBuilder {
+
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+        getSourcesList();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source getSources(int index);
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    int getSourcesCount();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    java.util.List<
+            ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>
+        getSourcesOrBuilderList();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder
+        getSourcesOrBuilder(int index);
+
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+        getDestinationsList();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination getDestinations(
+        int index);
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    int getDestinationsCount();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    java.util.List<
+            ? extends
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder>
+        getDestinationsOrBuilderList();
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder
+        getDestinationsOrBuilder(int index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of rules.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule}
+   */
+  public static final class Rule extends com.google.protobuf.GeneratedMessageV3
+      implements
+      // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+      RuleOrBuilder {
+    private static final long serialVersionUID = 0L;
+    // Use Rule.newBuilder() to construct.
+    private Rule(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+      super(builder);
+    }
+
+    private Rule() {
+      sources_ = java.util.Collections.emptyList();
+      destinations_ = java.util.Collections.emptyList();
+    }
+
+    @java.lang.Override
+    @SuppressWarnings({"unused"})
+    protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+      return new Rule();
+    }
+
+    @java.lang.Override
+    public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+      return this.unknownFields;
+    }
+
+    private Rule(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      this();
+      if (extensionRegistry == null) {
+        throw new java.lang.NullPointerException();
+      }
+      int mutable_bitField0_ = 0;
+      com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+          com.google.protobuf.UnknownFieldSet.newBuilder();
+      try {
+        boolean done = false;
+        while (!done) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              done = true;
+              break;
+            case 10:
+              {
+                if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                  sources_ =
+                      new java.util.ArrayList<
+                          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>();
+                  mutable_bitField0_ |= 0x00000001;
+                }
+                sources_.add(
+                    input.readMessage(
+                        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+                            .parser(),
+                        extensionRegistry));
+                break;
+              }
+            case 18:
+              {
+                if (!((mutable_bitField0_ & 0x00000002) != 0)) {
+                  destinations_ =
+                      new java.util.ArrayList<
+                          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+                              .Destination>();
+                  mutable_bitField0_ |= 0x00000002;
+                }
+                destinations_.add(
+                    input.readMessage(
+                        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                            .parser(),
+                        extensionRegistry));
+                break;
+              }
+            default:
+              {
+                if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                  done = true;
+                }
+                break;
+              }
+          }
+        }
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        throw e.setUnfinishedMessage(this);
+      } catch (com.google.protobuf.UninitializedMessageException e) {
+        throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+      } catch (java.io.IOException e) {
+        throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+      } finally {
+        if (((mutable_bitField0_ & 0x00000001) != 0)) {
+          sources_ = java.util.Collections.unmodifiableList(sources_);
+        }
+        if (((mutable_bitField0_ & 0x00000002) != 0)) {
+          destinations_ = java.util.Collections.unmodifiableList(destinations_);
+        }
+        this.unknownFields = unknownFields.build();
+        makeExtensionsImmutable();
+      }
+    }
+
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.class,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder.class);
+    }
+
+    public interface SourceOrBuilder
+        extends
+        // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+        com.google.protobuf.MessageOrBuilder {
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the principals.
+       */
+      java.util.List<java.lang.String> getPrincipalsList();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of principals.
+       */
+      int getPrincipalsCount();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The principals at the given index.
+       */
+      java.lang.String getPrincipals(int index);
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the principals at the given index.
+       */
+      com.google.protobuf.ByteString getPrincipalsBytes(int index);
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the ipBlocks.
+       */
+      java.util.List<java.lang.String> getIpBlocksList();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of ipBlocks.
+       */
+      int getIpBlocksCount();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The ipBlocks at the given index.
+       */
+      java.lang.String getIpBlocks(int index);
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the ipBlocks at the given index.
+       */
+      com.google.protobuf.ByteString getIpBlocksBytes(int index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Specification of traffic source attributes.
+     * </pre>
+     *
+     * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source}
+     */
+    public static final class Source extends com.google.protobuf.GeneratedMessageV3
+        implements
+        // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+        SourceOrBuilder {
+      private static final long serialVersionUID = 0L;
+      // Use Source.newBuilder() to construct.
+      private Source(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+        super(builder);
+      }
+
+      private Source() {
+        principals_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+        ipBlocks_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      }
+
+      @java.lang.Override
+      @SuppressWarnings({"unused"})
+      protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+        return new Source();
+      }
+
+      @java.lang.Override
+      public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+        return this.unknownFields;
+      }
+
+      private Source(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        this();
+        if (extensionRegistry == null) {
+          throw new java.lang.NullPointerException();
+        }
+        int mutable_bitField0_ = 0;
+        com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+            com.google.protobuf.UnknownFieldSet.newBuilder();
+        try {
+          boolean done = false;
+          while (!done) {
+            int tag = input.readTag();
+            switch (tag) {
+              case 0:
+                done = true;
+                break;
+              case 10:
+                {
+                  java.lang.String s = input.readStringRequireUtf8();
+                  if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                    principals_ = new com.google.protobuf.LazyStringArrayList();
+                    mutable_bitField0_ |= 0x00000001;
+                  }
+                  principals_.add(s);
+                  break;
+                }
+              case 18:
+                {
+                  java.lang.String s = input.readStringRequireUtf8();
+                  if (!((mutable_bitField0_ & 0x00000002) != 0)) {
+                    ipBlocks_ = new com.google.protobuf.LazyStringArrayList();
+                    mutable_bitField0_ |= 0x00000002;
+                  }
+                  ipBlocks_.add(s);
+                  break;
+                }
+              default:
+                {
+                  if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                    done = true;
+                  }
+                  break;
+                }
+            }
+          }
+        } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+          throw e.setUnfinishedMessage(this);
+        } catch (com.google.protobuf.UninitializedMessageException e) {
+          throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+        } catch (java.io.IOException e) {
+          throw new com.google.protobuf.InvalidProtocolBufferException(e)
+              .setUnfinishedMessage(this);
+        } finally {
+          if (((mutable_bitField0_ & 0x00000001) != 0)) {
+            principals_ = principals_.getUnmodifiableView();
+          }
+          if (((mutable_bitField0_ & 0x00000002) != 0)) {
+            ipBlocks_ = ipBlocks_.getUnmodifiableView();
+          }
+          this.unknownFields = unknownFields.build();
+          makeExtensionsImmutable();
+        }
+      }
+
+      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor;
+      }
+
+      @java.lang.Override
+      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+          internalGetFieldAccessorTable() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_fieldAccessorTable
+            .ensureFieldAccessorsInitialized(
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.class,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder.class);
+      }
+
+      public static final int PRINCIPALS_FIELD_NUMBER = 1;
+      private com.google.protobuf.LazyStringList principals_;
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the principals.
+       */
+      public com.google.protobuf.ProtocolStringList getPrincipalsList() {
+        return principals_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of principals.
+       */
+      public int getPrincipalsCount() {
+        return principals_.size();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The principals at the given index.
+       */
+      public java.lang.String getPrincipals(int index) {
+        return principals_.get(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of peer identities to match for authorization. At least one
+       * principal should match. Each peer can be an exact match, or a prefix
+       * match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
+       * ServerTlsPolicy resource) is considered insecure.
+       * </pre>
+       *
+       * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the principals at the given index.
+       */
+      public com.google.protobuf.ByteString getPrincipalsBytes(int index) {
+        return principals_.getByteString(index);
+      }
+
+      public static final int IP_BLOCKS_FIELD_NUMBER = 2;
+      private com.google.protobuf.LazyStringList ipBlocks_;
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the ipBlocks.
+       */
+      public com.google.protobuf.ProtocolStringList getIpBlocksList() {
+        return ipBlocks_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of ipBlocks.
+       */
+      public int getIpBlocksCount() {
+        return ipBlocks_.size();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The ipBlocks at the given index.
+       */
+      public java.lang.String getIpBlocks(int index) {
+        return ipBlocks_.get(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of CIDR ranges to match based on source IP address. At least one
+       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+       * "1.2.3.0/24") are supported. Authorization based on source IP alone
+       * should be avoided. The IP addresses of any load balancers or proxies
+       * should be considered untrusted.
+       * </pre>
+       *
+       * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the ipBlocks at the given index.
+       */
+      public com.google.protobuf.ByteString getIpBlocksBytes(int index) {
+        return ipBlocks_.getByteString(index);
+      }
+
+      private byte memoizedIsInitialized = -1;
+
+      @java.lang.Override
+      public final boolean isInitialized() {
+        byte isInitialized = memoizedIsInitialized;
+        if (isInitialized == 1) return true;
+        if (isInitialized == 0) return false;
+
+        memoizedIsInitialized = 1;
+        return true;
+      }
+
+      @java.lang.Override
+      public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+        for (int i = 0; i < principals_.size(); i++) {
+          com.google.protobuf.GeneratedMessageV3.writeString(output, 1, principals_.getRaw(i));
+        }
+        for (int i = 0; i < ipBlocks_.size(); i++) {
+          com.google.protobuf.GeneratedMessageV3.writeString(output, 2, ipBlocks_.getRaw(i));
+        }
+        unknownFields.writeTo(output);
+      }
+
+      @java.lang.Override
+      public int getSerializedSize() {
+        int size = memoizedSize;
+        if (size != -1) return size;
+
+        size = 0;
+        {
+          int dataSize = 0;
+          for (int i = 0; i < principals_.size(); i++) {
+            dataSize += computeStringSizeNoTag(principals_.getRaw(i));
+          }
+          size += dataSize;
+          size += 1 * getPrincipalsList().size();
+        }
+        {
+          int dataSize = 0;
+          for (int i = 0; i < ipBlocks_.size(); i++) {
+            dataSize += computeStringSizeNoTag(ipBlocks_.getRaw(i));
+          }
+          size += dataSize;
+          size += 1 * getIpBlocksList().size();
+        }
+        size += unknownFields.getSerializedSize();
+        memoizedSize = size;
+        return size;
+      }
+
+      @java.lang.Override
+      public boolean equals(final java.lang.Object obj) {
+        if (obj == this) {
+          return true;
+        }
+        if (!(obj instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)) {
+          return super.equals(obj);
+        }
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source other =
+            (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source) obj;
+
+        if (!getPrincipalsList().equals(other.getPrincipalsList())) return false;
+        if (!getIpBlocksList().equals(other.getIpBlocksList())) return false;
+        if (!unknownFields.equals(other.unknownFields)) return false;
+        return true;
+      }
+
+      @java.lang.Override
+      public int hashCode() {
+        if (memoizedHashCode != 0) {
+          return memoizedHashCode;
+        }
+        int hash = 41;
+        hash = (19 * hash) + getDescriptor().hashCode();
+        if (getPrincipalsCount() > 0) {
+          hash = (37 * hash) + PRINCIPALS_FIELD_NUMBER;
+          hash = (53 * hash) + getPrincipalsList().hashCode();
+        }
+        if (getIpBlocksCount() > 0) {
+          hash = (37 * hash) + IP_BLOCKS_FIELD_NUMBER;
+          hash = (53 * hash) + getIpBlocksList().hashCode();
+        }
+        hash = (29 * hash) + unknownFields.hashCode();
+        memoizedHashCode = hash;
+        return hash;
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          com.google.protobuf.ByteString data)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          com.google.protobuf.ByteString data,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          java.io.InputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+          parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+          parseDelimitedFrom(
+              java.io.InputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parseFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      @java.lang.Override
+      public Builder newBuilderForType() {
+        return newBuilder();
+      }
+
+      public static Builder newBuilder() {
+        return DEFAULT_INSTANCE.toBuilder();
+      }
+
+      public static Builder newBuilder(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source prototype) {
+        return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+      }
+
+      @java.lang.Override
+      public Builder toBuilder() {
+        return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+      }
+
+      @java.lang.Override
+      protected Builder newBuilderForType(
+          com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+        Builder builder = new Builder(parent);
+        return builder;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Specification of traffic source attributes.
+       * </pre>
+       *
+       * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source}
+       */
+      public static final class Builder
+          extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+          implements
+          // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder {
+        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor;
+        }
+
+        @java.lang.Override
+        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+            internalGetFieldAccessorTable() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_fieldAccessorTable
+              .ensureFieldAccessorsInitialized(
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.class,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+                      .class);
+        }
+
+        // Construct using
+        // com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.newBuilder()
+        private Builder() {
+          maybeForceBuilderInitialization();
+        }
+
+        private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+          super(parent);
+          maybeForceBuilderInitialization();
+        }
+
+        private void maybeForceBuilderInitialization() {
+          if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+        }
+
+        @java.lang.Override
+        public Builder clear() {
+          super.clear();
+          principals_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000001);
+          ipBlocks_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000002);
+          return this;
+        }
+
+        @java.lang.Override
+        public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor;
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+            getDefaultInstanceForType() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+              .getDefaultInstance();
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source build() {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source result =
+              buildPartial();
+          if (!result.isInitialized()) {
+            throw newUninitializedMessageException(result);
+          }
+          return result;
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source buildPartial() {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source result =
+              new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source(this);
+          int from_bitField0_ = bitField0_;
+          if (((bitField0_ & 0x00000001) != 0)) {
+            principals_ = principals_.getUnmodifiableView();
+            bitField0_ = (bitField0_ & ~0x00000001);
+          }
+          result.principals_ = principals_;
+          if (((bitField0_ & 0x00000002) != 0)) {
+            ipBlocks_ = ipBlocks_.getUnmodifiableView();
+            bitField0_ = (bitField0_ & ~0x00000002);
+          }
+          result.ipBlocks_ = ipBlocks_;
+          onBuilt();
+          return result;
+        }
+
+        @java.lang.Override
+        public Builder clone() {
+          return super.clone();
+        }
+
+        @java.lang.Override
+        public Builder setField(
+            com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+          return super.setField(field, value);
+        }
+
+        @java.lang.Override
+        public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+          return super.clearField(field);
+        }
+
+        @java.lang.Override
+        public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+          return super.clearOneof(oneof);
+        }
+
+        @java.lang.Override
+        public Builder setRepeatedField(
+            com.google.protobuf.Descriptors.FieldDescriptor field,
+            int index,
+            java.lang.Object value) {
+          return super.setRepeatedField(field, index, value);
+        }
+
+        @java.lang.Override
+        public Builder addRepeatedField(
+            com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+          return super.addRepeatedField(field, value);
+        }
+
+        @java.lang.Override
+        public Builder mergeFrom(com.google.protobuf.Message other) {
+          if (other
+              instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source) {
+            return mergeFrom(
+                (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source) other);
+          } else {
+            super.mergeFrom(other);
+            return this;
+          }
+        }
+
+        public Builder mergeFrom(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source other) {
+          if (other
+              == com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+                  .getDefaultInstance()) return this;
+          if (!other.principals_.isEmpty()) {
+            if (principals_.isEmpty()) {
+              principals_ = other.principals_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+            } else {
+              ensurePrincipalsIsMutable();
+              principals_.addAll(other.principals_);
+            }
+            onChanged();
+          }
+          if (!other.ipBlocks_.isEmpty()) {
+            if (ipBlocks_.isEmpty()) {
+              ipBlocks_ = other.ipBlocks_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+            } else {
+              ensureIpBlocksIsMutable();
+              ipBlocks_.addAll(other.ipBlocks_);
+            }
+            onChanged();
+          }
+          this.mergeUnknownFields(other.unknownFields);
+          onChanged();
+          return this;
+        }
+
+        @java.lang.Override
+        public final boolean isInitialized() {
+          return true;
+        }
+
+        @java.lang.Override
+        public Builder mergeFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws java.io.IOException {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source parsedMessage = null;
+          try {
+            parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+          } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+            parsedMessage =
+                (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+                    e.getUnfinishedMessage();
+            throw e.unwrapIOException();
+          } finally {
+            if (parsedMessage != null) {
+              mergeFrom(parsedMessage);
+            }
+          }
+          return this;
+        }
+
+        private int bitField0_;
+
+        private com.google.protobuf.LazyStringList principals_ =
+            com.google.protobuf.LazyStringArrayList.EMPTY;
+
+        private void ensurePrincipalsIsMutable() {
+          if (!((bitField0_ & 0x00000001) != 0)) {
+            principals_ = new com.google.protobuf.LazyStringArrayList(principals_);
+            bitField0_ |= 0x00000001;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return A list containing the principals.
+         */
+        public com.google.protobuf.ProtocolStringList getPrincipalsList() {
+          return principals_.getUnmodifiableView();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return The count of principals.
+         */
+        public int getPrincipalsCount() {
+          return principals_.size();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the element to return.
+         * @return The principals at the given index.
+         */
+        public java.lang.String getPrincipals(int index) {
+          return principals_.get(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the value to return.
+         * @return The bytes of the principals at the given index.
+         */
+        public com.google.protobuf.ByteString getPrincipalsBytes(int index) {
+          return principals_.getByteString(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index to set the value at.
+         * @param value The principals to set.
+         * @return This builder for chaining.
+         */
+        public Builder setPrincipals(int index, java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensurePrincipalsIsMutable();
+          principals_.set(index, value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The principals to add.
+         * @return This builder for chaining.
+         */
+        public Builder addPrincipals(java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensurePrincipalsIsMutable();
+          principals_.add(value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param values The principals to add.
+         * @return This builder for chaining.
+         */
+        public Builder addAllPrincipals(java.lang.Iterable<java.lang.String> values) {
+          ensurePrincipalsIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, principals_);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return This builder for chaining.
+         */
+        public Builder clearPrincipals() {
+          principals_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000001);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of peer identities to match for authorization. At least one
+         * principal should match. Each peer can be an exact match, or a prefix
+         * match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
+         * ServerTlsPolicy resource) is considered insecure.
+         * </pre>
+         *
+         * <code>repeated string principals = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The bytes of the principals to add.
+         * @return This builder for chaining.
+         */
+        public Builder addPrincipalsBytes(com.google.protobuf.ByteString value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          checkByteStringIsUtf8(value);
+          ensurePrincipalsIsMutable();
+          principals_.add(value);
+          onChanged();
+          return this;
+        }
+
+        private com.google.protobuf.LazyStringList ipBlocks_ =
+            com.google.protobuf.LazyStringArrayList.EMPTY;
+
+        private void ensureIpBlocksIsMutable() {
+          if (!((bitField0_ & 0x00000002) != 0)) {
+            ipBlocks_ = new com.google.protobuf.LazyStringArrayList(ipBlocks_);
+            bitField0_ |= 0x00000002;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return A list containing the ipBlocks.
+         */
+        public com.google.protobuf.ProtocolStringList getIpBlocksList() {
+          return ipBlocks_.getUnmodifiableView();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return The count of ipBlocks.
+         */
+        public int getIpBlocksCount() {
+          return ipBlocks_.size();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the element to return.
+         * @return The ipBlocks at the given index.
+         */
+        public java.lang.String getIpBlocks(int index) {
+          return ipBlocks_.get(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the value to return.
+         * @return The bytes of the ipBlocks at the given index.
+         */
+        public com.google.protobuf.ByteString getIpBlocksBytes(int index) {
+          return ipBlocks_.getByteString(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index to set the value at.
+         * @param value The ipBlocks to set.
+         * @return This builder for chaining.
+         */
+        public Builder setIpBlocks(int index, java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureIpBlocksIsMutable();
+          ipBlocks_.set(index, value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The ipBlocks to add.
+         * @return This builder for chaining.
+         */
+        public Builder addIpBlocks(java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureIpBlocksIsMutable();
+          ipBlocks_.add(value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param values The ipBlocks to add.
+         * @return This builder for chaining.
+         */
+        public Builder addAllIpBlocks(java.lang.Iterable<java.lang.String> values) {
+          ensureIpBlocksIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, ipBlocks_);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return This builder for chaining.
+         */
+        public Builder clearIpBlocks() {
+          ipBlocks_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000002);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. List of CIDR ranges to match based on source IP address. At least one
+         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+         * "1.2.3.0/24") are supported. Authorization based on source IP alone
+         * should be avoided. The IP addresses of any load balancers or proxies
+         * should be considered untrusted.
+         * </pre>
+         *
+         * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The bytes of the ipBlocks to add.
+         * @return This builder for chaining.
+         */
+        public Builder addIpBlocksBytes(com.google.protobuf.ByteString value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          checkByteStringIsUtf8(value);
+          ensureIpBlocksIsMutable();
+          ipBlocks_.add(value);
+          onChanged();
+          return this;
+        }
+
+        @java.lang.Override
+        public final Builder setUnknownFields(
+            final com.google.protobuf.UnknownFieldSet unknownFields) {
+          return super.setUnknownFields(unknownFields);
+        }
+
+        @java.lang.Override
+        public final Builder mergeUnknownFields(
+            final com.google.protobuf.UnknownFieldSet unknownFields) {
+          return super.mergeUnknownFields(unknownFields);
+        }
+
+        // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+      }
+
+      // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source)
+      private static final com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+          DEFAULT_INSTANCE;
+
+      static {
+        DEFAULT_INSTANCE =
+            new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source();
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+          getDefaultInstance() {
+        return DEFAULT_INSTANCE;
+      }
+
+      private static final com.google.protobuf.Parser<Source> PARSER =
+          new com.google.protobuf.AbstractParser<Source>() {
+            @java.lang.Override
+            public Source parsePartialFrom(
+                com.google.protobuf.CodedInputStream input,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+              return new Source(input, extensionRegistry);
+            }
+          };
+
+      public static com.google.protobuf.Parser<Source> parser() {
+        return PARSER;
+      }
+
+      @java.lang.Override
+      public com.google.protobuf.Parser<Source> getParserForType() {
+        return PARSER;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+          getDefaultInstanceForType() {
+        return DEFAULT_INSTANCE;
+      }
+    }
+
+    public interface DestinationOrBuilder
+        extends
+        // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+        com.google.protobuf.MessageOrBuilder {
+
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return A list containing the hosts.
+       */
+      java.util.List<java.lang.String> getHostsList();
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return The count of hosts.
+       */
+      int getHostsCount();
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The hosts at the given index.
+       */
+      java.lang.String getHosts(int index);
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the hosts at the given index.
+       */
+      com.google.protobuf.ByteString getHostsBytes(int index);
+
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return A list containing the ports.
+       */
+      java.util.List<java.lang.Integer> getPortsList();
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return The count of ports.
+       */
+      int getPortsCount();
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The ports at the given index.
+       */
+      int getPorts(int index);
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the methods.
+       */
+      java.util.List<java.lang.String> getMethodsList();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of methods.
+       */
+      int getMethodsCount();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The methods at the given index.
+       */
+      java.lang.String getMethods(int index);
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the methods at the given index.
+       */
+      com.google.protobuf.ByteString getMethodsBytes(int index);
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       *
+       * @return Whether the httpHeaderMatch field is set.
+       */
+      boolean hasHttpHeaderMatch();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       *
+       * @return The httpHeaderMatch.
+       */
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+          getHttpHeaderMatch();
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+              .HttpHeaderMatchOrBuilder
+          getHttpHeaderMatchOrBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Specification of traffic destination attributes.
+     * </pre>
+     *
+     * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination}
+     */
+    public static final class Destination extends com.google.protobuf.GeneratedMessageV3
+        implements
+        // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+        DestinationOrBuilder {
+      private static final long serialVersionUID = 0L;
+      // Use Destination.newBuilder() to construct.
+      private Destination(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+        super(builder);
+      }
+
+      private Destination() {
+        hosts_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+        ports_ = emptyIntList();
+        methods_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      }
+
+      @java.lang.Override
+      @SuppressWarnings({"unused"})
+      protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+        return new Destination();
+      }
+
+      @java.lang.Override
+      public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+        return this.unknownFields;
+      }
+
+      private Destination(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws com.google.protobuf.InvalidProtocolBufferException {
+        this();
+        if (extensionRegistry == null) {
+          throw new java.lang.NullPointerException();
+        }
+        int mutable_bitField0_ = 0;
+        com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+            com.google.protobuf.UnknownFieldSet.newBuilder();
+        try {
+          boolean done = false;
+          while (!done) {
+            int tag = input.readTag();
+            switch (tag) {
+              case 0:
+                done = true;
+                break;
+              case 10:
+                {
+                  java.lang.String s = input.readStringRequireUtf8();
+                  if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                    hosts_ = new com.google.protobuf.LazyStringArrayList();
+                    mutable_bitField0_ |= 0x00000001;
+                  }
+                  hosts_.add(s);
+                  break;
+                }
+              case 16:
+                {
+                  if (!((mutable_bitField0_ & 0x00000002) != 0)) {
+                    ports_ = newIntList();
+                    mutable_bitField0_ |= 0x00000002;
+                  }
+                  ports_.addInt(input.readUInt32());
+                  break;
+                }
+              case 18:
+                {
+                  int length = input.readRawVarint32();
+                  int limit = input.pushLimit(length);
+                  if (!((mutable_bitField0_ & 0x00000002) != 0) && input.getBytesUntilLimit() > 0) {
+                    ports_ = newIntList();
+                    mutable_bitField0_ |= 0x00000002;
+                  }
+                  while (input.getBytesUntilLimit() > 0) {
+                    ports_.addInt(input.readUInt32());
+                  }
+                  input.popLimit(limit);
+                  break;
+                }
+              case 34:
+                {
+                  java.lang.String s = input.readStringRequireUtf8();
+                  if (!((mutable_bitField0_ & 0x00000004) != 0)) {
+                    methods_ = new com.google.protobuf.LazyStringArrayList();
+                    mutable_bitField0_ |= 0x00000004;
+                  }
+                  methods_.add(s);
+                  break;
+                }
+              case 42:
+                {
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                          .HttpHeaderMatch.Builder
+                      subBuilder = null;
+                  if (httpHeaderMatch_ != null) {
+                    subBuilder = httpHeaderMatch_.toBuilder();
+                  }
+                  httpHeaderMatch_ =
+                      input.readMessage(
+                          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                              .HttpHeaderMatch.parser(),
+                          extensionRegistry);
+                  if (subBuilder != null) {
+                    subBuilder.mergeFrom(httpHeaderMatch_);
+                    httpHeaderMatch_ = subBuilder.buildPartial();
+                  }
+
+                  break;
+                }
+              default:
+                {
+                  if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                    done = true;
+                  }
+                  break;
+                }
+            }
+          }
+        } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+          throw e.setUnfinishedMessage(this);
+        } catch (com.google.protobuf.UninitializedMessageException e) {
+          throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+        } catch (java.io.IOException e) {
+          throw new com.google.protobuf.InvalidProtocolBufferException(e)
+              .setUnfinishedMessage(this);
+        } finally {
+          if (((mutable_bitField0_ & 0x00000001) != 0)) {
+            hosts_ = hosts_.getUnmodifiableView();
+          }
+          if (((mutable_bitField0_ & 0x00000002) != 0)) {
+            ports_.makeImmutable(); // C
+          }
+          if (((mutable_bitField0_ & 0x00000004) != 0)) {
+            methods_ = methods_.getUnmodifiableView();
+          }
+          this.unknownFields = unknownFields.build();
+          makeExtensionsImmutable();
+        }
+      }
+
+      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor;
+      }
+
+      @java.lang.Override
+      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+          internalGetFieldAccessorTable() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_fieldAccessorTable
+            .ensureFieldAccessorsInitialized(
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.class,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+                    .class);
+      }
+
+      public interface HttpHeaderMatchOrBuilder
+          extends
+          // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch)
+          com.google.protobuf.MessageOrBuilder {
+
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return Whether the regexMatch field is set.
+         */
+        boolean hasRegexMatch();
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The regexMatch.
+         */
+        java.lang.String getRegexMatch();
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The bytes for regexMatch.
+         */
+        com.google.protobuf.ByteString getRegexMatchBytes();
+
+        /**
+         *
+         *
+         * <pre>
+         * Required. The name of the HTTP header to match. For matching
+         * against the HTTP request's authority, use a headerMatch
+         * with the header name ":authority". For matching a
+         * request's method, use the headerName ":method".
+         * </pre>
+         *
+         * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The headerName.
+         */
+        java.lang.String getHeaderName();
+        /**
+         *
+         *
+         * <pre>
+         * Required. The name of the HTTP header to match. For matching
+         * against the HTTP request's authority, use a headerMatch
+         * with the header name ":authority". For matching a
+         * request's method, use the headerName ":method".
+         * </pre>
+         *
+         * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The bytes for headerName.
+         */
+        com.google.protobuf.ByteString getHeaderNameBytes();
+
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch.TypeCase
+            getTypeCase();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Specification of HTTP header match attributes.
+       * </pre>
+       *
+       * Protobuf type {@code
+       * google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch}
+       */
+      public static final class HttpHeaderMatch extends com.google.protobuf.GeneratedMessageV3
+          implements
+          // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch)
+          HttpHeaderMatchOrBuilder {
+        private static final long serialVersionUID = 0L;
+        // Use HttpHeaderMatch.newBuilder() to construct.
+        private HttpHeaderMatch(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+          super(builder);
+        }
+
+        private HttpHeaderMatch() {
+          headerName_ = "";
+        }
+
+        @java.lang.Override
+        @SuppressWarnings({"unused"})
+        protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+          return new HttpHeaderMatch();
+        }
+
+        @java.lang.Override
+        public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+          return this.unknownFields;
+        }
+
+        private HttpHeaderMatch(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          this();
+          if (extensionRegistry == null) {
+            throw new java.lang.NullPointerException();
+          }
+          com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+              com.google.protobuf.UnknownFieldSet.newBuilder();
+          try {
+            boolean done = false;
+            while (!done) {
+              int tag = input.readTag();
+              switch (tag) {
+                case 0:
+                  done = true;
+                  break;
+                case 10:
+                  {
+                    java.lang.String s = input.readStringRequireUtf8();
+
+                    headerName_ = s;
+                    break;
+                  }
+                case 18:
+                  {
+                    java.lang.String s = input.readStringRequireUtf8();
+                    typeCase_ = 2;
+                    type_ = s;
+                    break;
+                  }
+                default:
+                  {
+                    if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                      done = true;
+                    }
+                    break;
+                  }
+              }
+            }
+          } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+            throw e.setUnfinishedMessage(this);
+          } catch (com.google.protobuf.UninitializedMessageException e) {
+            throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+          } catch (java.io.IOException e) {
+            throw new com.google.protobuf.InvalidProtocolBufferException(e)
+                .setUnfinishedMessage(this);
+          } finally {
+            this.unknownFields = unknownFields.build();
+            makeExtensionsImmutable();
+          }
+        }
+
+        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor;
+        }
+
+        @java.lang.Override
+        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+            internalGetFieldAccessorTable() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_fieldAccessorTable
+              .ensureFieldAccessorsInitialized(
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                      .HttpHeaderMatch.class,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                      .HttpHeaderMatch.Builder.class);
+        }
+
+        private int typeCase_ = 0;
+        private java.lang.Object type_;
+
+        public enum TypeCase
+            implements
+                com.google.protobuf.Internal.EnumLite,
+                com.google.protobuf.AbstractMessage.InternalOneOfEnum {
+          REGEX_MATCH(2),
+          TYPE_NOT_SET(0);
+          private final int value;
+
+          private TypeCase(int value) {
+            this.value = value;
+          }
+          /**
+           * @param value The number of the enum to look for.
+           * @return The enum associated with the given number.
+           * @deprecated Use {@link #forNumber(int)} instead.
+           */
+          @java.lang.Deprecated
+          public static TypeCase valueOf(int value) {
+            return forNumber(value);
+          }
+
+          public static TypeCase forNumber(int value) {
+            switch (value) {
+              case 2:
+                return REGEX_MATCH;
+              case 0:
+                return TYPE_NOT_SET;
+              default:
+                return null;
+            }
+          }
+
+          public int getNumber() {
+            return this.value;
+          }
+        };
+
+        public TypeCase getTypeCase() {
+          return TypeCase.forNumber(typeCase_);
+        }
+
+        public static final int REGEX_MATCH_FIELD_NUMBER = 2;
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return Whether the regexMatch field is set.
+         */
+        public boolean hasRegexMatch() {
+          return typeCase_ == 2;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The regexMatch.
+         */
+        public java.lang.String getRegexMatch() {
+          java.lang.Object ref = "";
+          if (typeCase_ == 2) {
+            ref = type_;
+          }
+          if (ref instanceof java.lang.String) {
+            return (java.lang.String) ref;
+          } else {
+            com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+            java.lang.String s = bs.toStringUtf8();
+            if (typeCase_ == 2) {
+              type_ = s;
+            }
+            return s;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. The value of the header must match the regular expression
+         * specified in regexMatch. For regular expression grammar,
+         * please see: en.cppreference.com/w/cpp/regex/ecmascript
+         * For matching against a port specified in the HTTP
+         * request, use a headerMatch with headerName set to Host
+         * and a regular expression that satisfies the RFC2616 Host
+         * header's port specifier.
+         * </pre>
+         *
+         * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The bytes for regexMatch.
+         */
+        public com.google.protobuf.ByteString getRegexMatchBytes() {
+          java.lang.Object ref = "";
+          if (typeCase_ == 2) {
+            ref = type_;
+          }
+          if (ref instanceof java.lang.String) {
+            com.google.protobuf.ByteString b =
+                com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+            if (typeCase_ == 2) {
+              type_ = b;
+            }
+            return b;
+          } else {
+            return (com.google.protobuf.ByteString) ref;
+          }
+        }
+
+        public static final int HEADER_NAME_FIELD_NUMBER = 1;
+        private volatile java.lang.Object headerName_;
+        /**
+         *
+         *
+         * <pre>
+         * Required. The name of the HTTP header to match. For matching
+         * against the HTTP request's authority, use a headerMatch
+         * with the header name ":authority". For matching a
+         * request's method, use the headerName ":method".
+         * </pre>
+         *
+         * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The headerName.
+         */
+        @java.lang.Override
+        public java.lang.String getHeaderName() {
+          java.lang.Object ref = headerName_;
+          if (ref instanceof java.lang.String) {
+            return (java.lang.String) ref;
+          } else {
+            com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+            java.lang.String s = bs.toStringUtf8();
+            headerName_ = s;
+            return s;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. The name of the HTTP header to match. For matching
+         * against the HTTP request's authority, use a headerMatch
+         * with the header name ":authority". For matching a
+         * request's method, use the headerName ":method".
+         * </pre>
+         *
+         * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The bytes for headerName.
+         */
+        @java.lang.Override
+        public com.google.protobuf.ByteString getHeaderNameBytes() {
+          java.lang.Object ref = headerName_;
+          if (ref instanceof java.lang.String) {
+            com.google.protobuf.ByteString b =
+                com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+            headerName_ = b;
+            return b;
+          } else {
+            return (com.google.protobuf.ByteString) ref;
+          }
+        }
+
+        private byte memoizedIsInitialized = -1;
+
+        @java.lang.Override
+        public final boolean isInitialized() {
+          byte isInitialized = memoizedIsInitialized;
+          if (isInitialized == 1) return true;
+          if (isInitialized == 0) return false;
+
+          memoizedIsInitialized = 1;
+          return true;
+        }
+
+        @java.lang.Override
+        public void writeTo(com.google.protobuf.CodedOutputStream output)
+            throws java.io.IOException {
+          if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(headerName_)) {
+            com.google.protobuf.GeneratedMessageV3.writeString(output, 1, headerName_);
+          }
+          if (typeCase_ == 2) {
+            com.google.protobuf.GeneratedMessageV3.writeString(output, 2, type_);
+          }
+          unknownFields.writeTo(output);
+        }
+
+        @java.lang.Override
+        public int getSerializedSize() {
+          int size = memoizedSize;
+          if (size != -1) return size;
+
+          size = 0;
+          if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(headerName_)) {
+            size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, headerName_);
+          }
+          if (typeCase_ == 2) {
+            size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, type_);
+          }
+          size += unknownFields.getSerializedSize();
+          memoizedSize = size;
+          return size;
+        }
+
+        @java.lang.Override
+        public boolean equals(final java.lang.Object obj) {
+          if (obj == this) {
+            return true;
+          }
+          if (!(obj
+              instanceof
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .HttpHeaderMatch)) {
+            return super.equals(obj);
+          }
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+              other =
+                  (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                          .HttpHeaderMatch)
+                      obj;
+
+          if (!getHeaderName().equals(other.getHeaderName())) return false;
+          if (!getTypeCase().equals(other.getTypeCase())) return false;
+          switch (typeCase_) {
+            case 2:
+              if (!getRegexMatch().equals(other.getRegexMatch())) return false;
+              break;
+            case 0:
+            default:
+          }
+          if (!unknownFields.equals(other.unknownFields)) return false;
+          return true;
+        }
+
+        @java.lang.Override
+        public int hashCode() {
+          if (memoizedHashCode != 0) {
+            return memoizedHashCode;
+          }
+          int hash = 41;
+          hash = (19 * hash) + getDescriptor().hashCode();
+          hash = (37 * hash) + HEADER_NAME_FIELD_NUMBER;
+          hash = (53 * hash) + getHeaderName().hashCode();
+          switch (typeCase_) {
+            case 2:
+              hash = (37 * hash) + REGEX_MATCH_FIELD_NUMBER;
+              hash = (53 * hash) + getRegexMatch().hashCode();
+              break;
+            case 0:
+            default:
+          }
+          hash = (29 * hash) + unknownFields.hashCode();
+          memoizedHashCode = hash;
+          return hash;
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(java.nio.ByteBuffer data)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(
+                java.nio.ByteBuffer data,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data, extensionRegistry);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(com.google.protobuf.ByteString data)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(
+                com.google.protobuf.ByteString data,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data, extensionRegistry);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+          return PARSER.parseFrom(data, extensionRegistry);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(java.io.InputStream input) throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(
+                java.io.InputStream input,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+              PARSER, input, extensionRegistry);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+              PARSER, input);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseDelimitedFrom(
+                java.io.InputStream input,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+              PARSER, input, extensionRegistry);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            parseFrom(
+                com.google.protobuf.CodedInputStream input,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws java.io.IOException {
+          return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+              PARSER, input, extensionRegistry);
+        }
+
+        @java.lang.Override
+        public Builder newBuilderForType() {
+          return newBuilder();
+        }
+
+        public static Builder newBuilder() {
+          return DEFAULT_INSTANCE.toBuilder();
+        }
+
+        public static Builder newBuilder(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                prototype) {
+          return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+        }
+
+        @java.lang.Override
+        public Builder toBuilder() {
+          return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+        }
+
+        @java.lang.Override
+        protected Builder newBuilderForType(
+            com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+          Builder builder = new Builder(parent);
+          return builder;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Specification of HTTP header match attributes.
+         * </pre>
+         *
+         * Protobuf type {@code
+         * google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch}
+         */
+        public static final class Builder
+            extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+            implements
+            // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch)
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatchOrBuilder {
+          public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+            return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor;
+          }
+
+          @java.lang.Override
+          protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+              internalGetFieldAccessorTable() {
+            return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_fieldAccessorTable
+                .ensureFieldAccessorsInitialized(
+                    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatch.class,
+                    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatch.Builder.class);
+          }
+
+          // Construct using
+          // com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch.newBuilder()
+          private Builder() {
+            maybeForceBuilderInitialization();
+          }
+
+          private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+            super(parent);
+            maybeForceBuilderInitialization();
+          }
+
+          private void maybeForceBuilderInitialization() {
+            if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+          }
+
+          @java.lang.Override
+          public Builder clear() {
+            super.clear();
+            headerName_ = "";
+
+            typeCase_ = 0;
+            type_ = null;
+            return this;
+          }
+
+          @java.lang.Override
+          public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+            return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor;
+          }
+
+          @java.lang.Override
+          public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .HttpHeaderMatch
+              getDefaultInstanceForType() {
+            return com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch.getDefaultInstance();
+          }
+
+          @java.lang.Override
+          public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .HttpHeaderMatch
+              build() {
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                result = buildPartial();
+            if (!result.isInitialized()) {
+              throw newUninitializedMessageException(result);
+            }
+            return result;
+          }
+
+          @java.lang.Override
+          public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .HttpHeaderMatch
+              buildPartial() {
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                result =
+                    new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatch(this);
+            if (typeCase_ == 2) {
+              result.type_ = type_;
+            }
+            result.headerName_ = headerName_;
+            result.typeCase_ = typeCase_;
+            onBuilt();
+            return result;
+          }
+
+          @java.lang.Override
+          public Builder clone() {
+            return super.clone();
+          }
+
+          @java.lang.Override
+          public Builder setField(
+              com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+            return super.setField(field, value);
+          }
+
+          @java.lang.Override
+          public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+            return super.clearField(field);
+          }
+
+          @java.lang.Override
+          public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+            return super.clearOneof(oneof);
+          }
+
+          @java.lang.Override
+          public Builder setRepeatedField(
+              com.google.protobuf.Descriptors.FieldDescriptor field,
+              int index,
+              java.lang.Object value) {
+            return super.setRepeatedField(field, index, value);
+          }
+
+          @java.lang.Override
+          public Builder addRepeatedField(
+              com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+            return super.addRepeatedField(field, value);
+          }
+
+          @java.lang.Override
+          public Builder mergeFrom(com.google.protobuf.Message other) {
+            if (other
+                instanceof
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch) {
+              return mergeFrom(
+                  (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                          .HttpHeaderMatch)
+                      other);
+            } else {
+              super.mergeFrom(other);
+              return this;
+            }
+          }
+
+          public Builder mergeFrom(
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                      .HttpHeaderMatch
+                  other) {
+            if (other
+                == com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch.getDefaultInstance()) return this;
+            if (!other.getHeaderName().isEmpty()) {
+              headerName_ = other.headerName_;
+              onChanged();
+            }
+            switch (other.getTypeCase()) {
+              case REGEX_MATCH:
+                {
+                  typeCase_ = 2;
+                  type_ = other.type_;
+                  onChanged();
+                  break;
+                }
+              case TYPE_NOT_SET:
+                {
+                  break;
+                }
+            }
+            this.mergeUnknownFields(other.unknownFields);
+            onChanged();
+            return this;
+          }
+
+          @java.lang.Override
+          public final boolean isInitialized() {
+            return true;
+          }
+
+          @java.lang.Override
+          public Builder mergeFrom(
+              com.google.protobuf.CodedInputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws java.io.IOException {
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                parsedMessage = null;
+            try {
+              parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+            } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+              parsedMessage =
+                  (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                          .HttpHeaderMatch)
+                      e.getUnfinishedMessage();
+              throw e.unwrapIOException();
+            } finally {
+              if (parsedMessage != null) {
+                mergeFrom(parsedMessage);
+              }
+            }
+            return this;
+          }
+
+          private int typeCase_ = 0;
+          private java.lang.Object type_;
+
+          public TypeCase getTypeCase() {
+            return TypeCase.forNumber(typeCase_);
+          }
+
+          public Builder clearType() {
+            typeCase_ = 0;
+            type_ = null;
+            onChanged();
+            return this;
+          }
+
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return Whether the regexMatch field is set.
+           */
+          @java.lang.Override
+          public boolean hasRegexMatch() {
+            return typeCase_ == 2;
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return The regexMatch.
+           */
+          @java.lang.Override
+          public java.lang.String getRegexMatch() {
+            java.lang.Object ref = "";
+            if (typeCase_ == 2) {
+              ref = type_;
+            }
+            if (!(ref instanceof java.lang.String)) {
+              com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+              java.lang.String s = bs.toStringUtf8();
+              if (typeCase_ == 2) {
+                type_ = s;
+              }
+              return s;
+            } else {
+              return (java.lang.String) ref;
+            }
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return The bytes for regexMatch.
+           */
+          @java.lang.Override
+          public com.google.protobuf.ByteString getRegexMatchBytes() {
+            java.lang.Object ref = "";
+            if (typeCase_ == 2) {
+              ref = type_;
+            }
+            if (ref instanceof String) {
+              com.google.protobuf.ByteString b =
+                  com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+              if (typeCase_ == 2) {
+                type_ = b;
+              }
+              return b;
+            } else {
+              return (com.google.protobuf.ByteString) ref;
+            }
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @param value The regexMatch to set.
+           * @return This builder for chaining.
+           */
+          public Builder setRegexMatch(java.lang.String value) {
+            if (value == null) {
+              throw new NullPointerException();
+            }
+            typeCase_ = 2;
+            type_ = value;
+            onChanged();
+            return this;
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return This builder for chaining.
+           */
+          public Builder clearRegexMatch() {
+            if (typeCase_ == 2) {
+              typeCase_ = 0;
+              type_ = null;
+              onChanged();
+            }
+            return this;
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The value of the header must match the regular expression
+           * specified in regexMatch. For regular expression grammar,
+           * please see: en.cppreference.com/w/cpp/regex/ecmascript
+           * For matching against a port specified in the HTTP
+           * request, use a headerMatch with headerName set to Host
+           * and a regular expression that satisfies the RFC2616 Host
+           * header's port specifier.
+           * </pre>
+           *
+           * <code>string regex_match = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @param value The bytes for regexMatch to set.
+           * @return This builder for chaining.
+           */
+          public Builder setRegexMatchBytes(com.google.protobuf.ByteString value) {
+            if (value == null) {
+              throw new NullPointerException();
+            }
+            checkByteStringIsUtf8(value);
+            typeCase_ = 2;
+            type_ = value;
+            onChanged();
+            return this;
+          }
+
+          private java.lang.Object headerName_ = "";
+          /**
+           *
+           *
+           * <pre>
+           * Required. The name of the HTTP header to match. For matching
+           * against the HTTP request's authority, use a headerMatch
+           * with the header name ":authority". For matching a
+           * request's method, use the headerName ":method".
+           * </pre>
+           *
+           * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return The headerName.
+           */
+          public java.lang.String getHeaderName() {
+            java.lang.Object ref = headerName_;
+            if (!(ref instanceof java.lang.String)) {
+              com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+              java.lang.String s = bs.toStringUtf8();
+              headerName_ = s;
+              return s;
+            } else {
+              return (java.lang.String) ref;
+            }
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The name of the HTTP header to match. For matching
+           * against the HTTP request's authority, use a headerMatch
+           * with the header name ":authority". For matching a
+           * request's method, use the headerName ":method".
+           * </pre>
+           *
+           * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return The bytes for headerName.
+           */
+          public com.google.protobuf.ByteString getHeaderNameBytes() {
+            java.lang.Object ref = headerName_;
+            if (ref instanceof String) {
+              com.google.protobuf.ByteString b =
+                  com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+              headerName_ = b;
+              return b;
+            } else {
+              return (com.google.protobuf.ByteString) ref;
+            }
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The name of the HTTP header to match. For matching
+           * against the HTTP request's authority, use a headerMatch
+           * with the header name ":authority". For matching a
+           * request's method, use the headerName ":method".
+           * </pre>
+           *
+           * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @param value The headerName to set.
+           * @return This builder for chaining.
+           */
+          public Builder setHeaderName(java.lang.String value) {
+            if (value == null) {
+              throw new NullPointerException();
+            }
+
+            headerName_ = value;
+            onChanged();
+            return this;
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The name of the HTTP header to match. For matching
+           * against the HTTP request's authority, use a headerMatch
+           * with the header name ":authority". For matching a
+           * request's method, use the headerName ":method".
+           * </pre>
+           *
+           * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @return This builder for chaining.
+           */
+          public Builder clearHeaderName() {
+
+            headerName_ = getDefaultInstance().getHeaderName();
+            onChanged();
+            return this;
+          }
+          /**
+           *
+           *
+           * <pre>
+           * Required. The name of the HTTP header to match. For matching
+           * against the HTTP request's authority, use a headerMatch
+           * with the header name ":authority". For matching a
+           * request's method, use the headerName ":method".
+           * </pre>
+           *
+           * <code>string header_name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+           *
+           * @param value The bytes for headerName to set.
+           * @return This builder for chaining.
+           */
+          public Builder setHeaderNameBytes(com.google.protobuf.ByteString value) {
+            if (value == null) {
+              throw new NullPointerException();
+            }
+            checkByteStringIsUtf8(value);
+
+            headerName_ = value;
+            onChanged();
+            return this;
+          }
+
+          @java.lang.Override
+          public final Builder setUnknownFields(
+              final com.google.protobuf.UnknownFieldSet unknownFields) {
+            return super.setUnknownFields(unknownFields);
+          }
+
+          @java.lang.Override
+          public final Builder mergeUnknownFields(
+              final com.google.protobuf.UnknownFieldSet unknownFields) {
+            return super.mergeUnknownFields(unknownFields);
+          }
+
+          // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch)
+        }
+
+        // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch)
+        private static final com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+                .Destination.HttpHeaderMatch
+            DEFAULT_INSTANCE;
+
+        static {
+          DEFAULT_INSTANCE =
+              new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .HttpHeaderMatch();
+        }
+
+        public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            getDefaultInstance() {
+          return DEFAULT_INSTANCE;
+        }
+
+        private static final com.google.protobuf.Parser<HttpHeaderMatch> PARSER =
+            new com.google.protobuf.AbstractParser<HttpHeaderMatch>() {
+              @java.lang.Override
+              public HttpHeaderMatch parsePartialFrom(
+                  com.google.protobuf.CodedInputStream input,
+                  com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                  throws com.google.protobuf.InvalidProtocolBufferException {
+                return new HttpHeaderMatch(input, extensionRegistry);
+              }
+            };
+
+        public static com.google.protobuf.Parser<HttpHeaderMatch> parser() {
+          return PARSER;
+        }
+
+        @java.lang.Override
+        public com.google.protobuf.Parser<HttpHeaderMatch> getParserForType() {
+          return PARSER;
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            getDefaultInstanceForType() {
+          return DEFAULT_INSTANCE;
+        }
+      }
+
+      public static final int HOSTS_FIELD_NUMBER = 1;
+      private com.google.protobuf.LazyStringList hosts_;
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return A list containing the hosts.
+       */
+      public com.google.protobuf.ProtocolStringList getHostsList() {
+        return hosts_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return The count of hosts.
+       */
+      public int getHostsCount() {
+        return hosts_.size();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The hosts at the given index.
+       */
+      public java.lang.String getHosts(int index) {
+        return hosts_.get(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of host names to match. Matched against the ":authority" header in
+       * http requests. At least one host should match. Each host can be an
+       * exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
+       * </pre>
+       *
+       * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the hosts at the given index.
+       */
+      public com.google.protobuf.ByteString getHostsBytes(int index) {
+        return hosts_.getByteString(index);
+      }
+
+      public static final int PORTS_FIELD_NUMBER = 2;
+      private com.google.protobuf.Internal.IntList ports_;
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return A list containing the ports.
+       */
+      @java.lang.Override
+      public java.util.List<java.lang.Integer> getPortsList() {
+        return ports_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @return The count of ports.
+       */
+      public int getPortsCount() {
+        return ports_.size();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Required. List of destination ports to match. At least one port should match.
+       * </pre>
+       *
+       * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The ports at the given index.
+       */
+      public int getPorts(int index) {
+        return ports_.getInt(index);
+      }
+
+      private int portsMemoizedSerializedSize = -1;
+
+      public static final int METHODS_FIELD_NUMBER = 4;
+      private com.google.protobuf.LazyStringList methods_;
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return A list containing the methods.
+       */
+      public com.google.protobuf.ProtocolStringList getMethodsList() {
+        return methods_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @return The count of methods.
+       */
+      public int getMethodsCount() {
+        return methods_.size();
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the element to return.
+       * @return The methods at the given index.
+       */
+      public java.lang.String getMethods(int index) {
+        return methods_.get(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. A list of HTTP methods to match. At least one method should
+       * match. Should not be set for gRPC services.
+       * </pre>
+       *
+       * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+       *
+       * @param index The index of the value to return.
+       * @return The bytes of the methods at the given index.
+       */
+      public com.google.protobuf.ByteString getMethodsBytes(int index) {
+        return methods_.getByteString(index);
+      }
+
+      public static final int HTTP_HEADER_MATCH_FIELD_NUMBER = 5;
+      private com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+              .HttpHeaderMatch
+          httpHeaderMatch_;
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       *
+       * @return Whether the httpHeaderMatch field is set.
+       */
+      @java.lang.Override
+      public boolean hasHttpHeaderMatch() {
+        return httpHeaderMatch_ != null;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       *
+       * @return The httpHeaderMatch.
+       */
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+              .HttpHeaderMatch
+          getHttpHeaderMatch() {
+        return httpHeaderMatch_ == null
+            ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch.getDefaultInstance()
+            : httpHeaderMatch_;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. Match against key:value pair in http header. Provides a flexible match
+       * based on HTTP headers, for potentially advanced use cases. At least one
+       * header should match. Avoid using header matches to make authorization
+       * decisions unless there is a strong guarantee that requests arrive
+       * through a trusted client or proxy.
+       * </pre>
+       *
+       * <code>
+       * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+              .HttpHeaderMatchOrBuilder
+          getHttpHeaderMatchOrBuilder() {
+        return getHttpHeaderMatch();
+      }
+
+      private byte memoizedIsInitialized = -1;
+
+      @java.lang.Override
+      public final boolean isInitialized() {
+        byte isInitialized = memoizedIsInitialized;
+        if (isInitialized == 1) return true;
+        if (isInitialized == 0) return false;
+
+        memoizedIsInitialized = 1;
+        return true;
+      }
+
+      @java.lang.Override
+      public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+        getSerializedSize();
+        for (int i = 0; i < hosts_.size(); i++) {
+          com.google.protobuf.GeneratedMessageV3.writeString(output, 1, hosts_.getRaw(i));
+        }
+        if (getPortsList().size() > 0) {
+          output.writeUInt32NoTag(18);
+          output.writeUInt32NoTag(portsMemoizedSerializedSize);
+        }
+        for (int i = 0; i < ports_.size(); i++) {
+          output.writeUInt32NoTag(ports_.getInt(i));
+        }
+        for (int i = 0; i < methods_.size(); i++) {
+          com.google.protobuf.GeneratedMessageV3.writeString(output, 4, methods_.getRaw(i));
+        }
+        if (httpHeaderMatch_ != null) {
+          output.writeMessage(5, getHttpHeaderMatch());
+        }
+        unknownFields.writeTo(output);
+      }
+
+      @java.lang.Override
+      public int getSerializedSize() {
+        int size = memoizedSize;
+        if (size != -1) return size;
+
+        size = 0;
+        {
+          int dataSize = 0;
+          for (int i = 0; i < hosts_.size(); i++) {
+            dataSize += computeStringSizeNoTag(hosts_.getRaw(i));
+          }
+          size += dataSize;
+          size += 1 * getHostsList().size();
+        }
+        {
+          int dataSize = 0;
+          for (int i = 0; i < ports_.size(); i++) {
+            dataSize +=
+                com.google.protobuf.CodedOutputStream.computeUInt32SizeNoTag(ports_.getInt(i));
+          }
+          size += dataSize;
+          if (!getPortsList().isEmpty()) {
+            size += 1;
+            size += com.google.protobuf.CodedOutputStream.computeInt32SizeNoTag(dataSize);
+          }
+          portsMemoizedSerializedSize = dataSize;
+        }
+        {
+          int dataSize = 0;
+          for (int i = 0; i < methods_.size(); i++) {
+            dataSize += computeStringSizeNoTag(methods_.getRaw(i));
+          }
+          size += dataSize;
+          size += 1 * getMethodsList().size();
+        }
+        if (httpHeaderMatch_ != null) {
+          size += com.google.protobuf.CodedOutputStream.computeMessageSize(5, getHttpHeaderMatch());
+        }
+        size += unknownFields.getSerializedSize();
+        memoizedSize = size;
+        return size;
+      }
+
+      @java.lang.Override
+      public boolean equals(final java.lang.Object obj) {
+        if (obj == this) {
+          return true;
+        }
+        if (!(obj
+            instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)) {
+          return super.equals(obj);
+        }
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination other =
+            (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination) obj;
+
+        if (!getHostsList().equals(other.getHostsList())) return false;
+        if (!getPortsList().equals(other.getPortsList())) return false;
+        if (!getMethodsList().equals(other.getMethodsList())) return false;
+        if (hasHttpHeaderMatch() != other.hasHttpHeaderMatch()) return false;
+        if (hasHttpHeaderMatch()) {
+          if (!getHttpHeaderMatch().equals(other.getHttpHeaderMatch())) return false;
+        }
+        if (!unknownFields.equals(other.unknownFields)) return false;
+        return true;
+      }
+
+      @java.lang.Override
+      public int hashCode() {
+        if (memoizedHashCode != 0) {
+          return memoizedHashCode;
+        }
+        int hash = 41;
+        hash = (19 * hash) + getDescriptor().hashCode();
+        if (getHostsCount() > 0) {
+          hash = (37 * hash) + HOSTS_FIELD_NUMBER;
+          hash = (53 * hash) + getHostsList().hashCode();
+        }
+        if (getPortsCount() > 0) {
+          hash = (37 * hash) + PORTS_FIELD_NUMBER;
+          hash = (53 * hash) + getPortsList().hashCode();
+        }
+        if (getMethodsCount() > 0) {
+          hash = (37 * hash) + METHODS_FIELD_NUMBER;
+          hash = (53 * hash) + getMethodsList().hashCode();
+        }
+        if (hasHttpHeaderMatch()) {
+          hash = (37 * hash) + HTTP_HEADER_MATCH_FIELD_NUMBER;
+          hash = (53 * hash) + getHttpHeaderMatch().hashCode();
+        }
+        hash = (29 * hash) + unknownFields.hashCode();
+        memoizedHashCode = hash;
+        return hash;
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(java.nio.ByteBuffer data)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(
+              java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(com.google.protobuf.ByteString data)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(
+              com.google.protobuf.ByteString data,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+        return PARSER.parseFrom(data, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(java.io.InputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(
+              java.io.InputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseDelimitedFrom(
+              java.io.InputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          parseFrom(
+              com.google.protobuf.CodedInputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws java.io.IOException {
+        return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+            PARSER, input, extensionRegistry);
+      }
+
+      @java.lang.Override
+      public Builder newBuilderForType() {
+        return newBuilder();
+      }
+
+      public static Builder newBuilder() {
+        return DEFAULT_INSTANCE.toBuilder();
+      }
+
+      public static Builder newBuilder(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination prototype) {
+        return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+      }
+
+      @java.lang.Override
+      public Builder toBuilder() {
+        return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+      }
+
+      @java.lang.Override
+      protected Builder newBuilderForType(
+          com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+        Builder builder = new Builder(parent);
+        return builder;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Specification of traffic destination attributes.
+       * </pre>
+       *
+       * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination}
+       */
+      public static final class Builder
+          extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+          implements
+          // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder {
+        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor;
+        }
+
+        @java.lang.Override
+        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+            internalGetFieldAccessorTable() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_fieldAccessorTable
+              .ensureFieldAccessorsInitialized(
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.class,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+                      .class);
+        }
+
+        // Construct using
+        // com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.newBuilder()
+        private Builder() {
+          maybeForceBuilderInitialization();
+        }
+
+        private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+          super(parent);
+          maybeForceBuilderInitialization();
+        }
+
+        private void maybeForceBuilderInitialization() {
+          if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+        }
+
+        @java.lang.Override
+        public Builder clear() {
+          super.clear();
+          hosts_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000001);
+          ports_ = emptyIntList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+          methods_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000004);
+          if (httpHeaderMatchBuilder_ == null) {
+            httpHeaderMatch_ = null;
+          } else {
+            httpHeaderMatch_ = null;
+            httpHeaderMatchBuilder_ = null;
+          }
+          return this;
+        }
+
+        @java.lang.Override
+        public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+              .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor;
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+            getDefaultInstanceForType() {
+          return com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+              .getDefaultInstance();
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination build() {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination result =
+              buildPartial();
+          if (!result.isInitialized()) {
+            throw newUninitializedMessageException(result);
+          }
+          return result;
+        }
+
+        @java.lang.Override
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+            buildPartial() {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination result =
+              new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination(this);
+          int from_bitField0_ = bitField0_;
+          if (((bitField0_ & 0x00000001) != 0)) {
+            hosts_ = hosts_.getUnmodifiableView();
+            bitField0_ = (bitField0_ & ~0x00000001);
+          }
+          result.hosts_ = hosts_;
+          if (((bitField0_ & 0x00000002) != 0)) {
+            ports_.makeImmutable();
+            bitField0_ = (bitField0_ & ~0x00000002);
+          }
+          result.ports_ = ports_;
+          if (((bitField0_ & 0x00000004) != 0)) {
+            methods_ = methods_.getUnmodifiableView();
+            bitField0_ = (bitField0_ & ~0x00000004);
+          }
+          result.methods_ = methods_;
+          if (httpHeaderMatchBuilder_ == null) {
+            result.httpHeaderMatch_ = httpHeaderMatch_;
+          } else {
+            result.httpHeaderMatch_ = httpHeaderMatchBuilder_.build();
+          }
+          onBuilt();
+          return result;
+        }
+
+        @java.lang.Override
+        public Builder clone() {
+          return super.clone();
+        }
+
+        @java.lang.Override
+        public Builder setField(
+            com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+          return super.setField(field, value);
+        }
+
+        @java.lang.Override
+        public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+          return super.clearField(field);
+        }
+
+        @java.lang.Override
+        public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+          return super.clearOneof(oneof);
+        }
+
+        @java.lang.Override
+        public Builder setRepeatedField(
+            com.google.protobuf.Descriptors.FieldDescriptor field,
+            int index,
+            java.lang.Object value) {
+          return super.setRepeatedField(field, index, value);
+        }
+
+        @java.lang.Override
+        public Builder addRepeatedField(
+            com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+          return super.addRepeatedField(field, value);
+        }
+
+        @java.lang.Override
+        public Builder mergeFrom(com.google.protobuf.Message other) {
+          if (other
+              instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination) {
+            return mergeFrom(
+                (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination) other);
+          } else {
+            super.mergeFrom(other);
+            return this;
+          }
+        }
+
+        public Builder mergeFrom(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination other) {
+          if (other
+              == com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                  .getDefaultInstance()) return this;
+          if (!other.hosts_.isEmpty()) {
+            if (hosts_.isEmpty()) {
+              hosts_ = other.hosts_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+            } else {
+              ensureHostsIsMutable();
+              hosts_.addAll(other.hosts_);
+            }
+            onChanged();
+          }
+          if (!other.ports_.isEmpty()) {
+            if (ports_.isEmpty()) {
+              ports_ = other.ports_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+            } else {
+              ensurePortsIsMutable();
+              ports_.addAll(other.ports_);
+            }
+            onChanged();
+          }
+          if (!other.methods_.isEmpty()) {
+            if (methods_.isEmpty()) {
+              methods_ = other.methods_;
+              bitField0_ = (bitField0_ & ~0x00000004);
+            } else {
+              ensureMethodsIsMutable();
+              methods_.addAll(other.methods_);
+            }
+            onChanged();
+          }
+          if (other.hasHttpHeaderMatch()) {
+            mergeHttpHeaderMatch(other.getHttpHeaderMatch());
+          }
+          this.mergeUnknownFields(other.unknownFields);
+          onChanged();
+          return this;
+        }
+
+        @java.lang.Override
+        public final boolean isInitialized() {
+          return true;
+        }
+
+        @java.lang.Override
+        public Builder mergeFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws java.io.IOException {
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination parsedMessage =
+              null;
+          try {
+            parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+          } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+            parsedMessage =
+                (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+                    e.getUnfinishedMessage();
+            throw e.unwrapIOException();
+          } finally {
+            if (parsedMessage != null) {
+              mergeFrom(parsedMessage);
+            }
+          }
+          return this;
+        }
+
+        private int bitField0_;
+
+        private com.google.protobuf.LazyStringList hosts_ =
+            com.google.protobuf.LazyStringArrayList.EMPTY;
+
+        private void ensureHostsIsMutable() {
+          if (!((bitField0_ & 0x00000001) != 0)) {
+            hosts_ = new com.google.protobuf.LazyStringArrayList(hosts_);
+            bitField0_ |= 0x00000001;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return A list containing the hosts.
+         */
+        public com.google.protobuf.ProtocolStringList getHostsList() {
+          return hosts_.getUnmodifiableView();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The count of hosts.
+         */
+        public int getHostsCount() {
+          return hosts_.size();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param index The index of the element to return.
+         * @return The hosts at the given index.
+         */
+        public java.lang.String getHosts(int index) {
+          return hosts_.get(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param index The index of the value to return.
+         * @return The bytes of the hosts at the given index.
+         */
+        public com.google.protobuf.ByteString getHostsBytes(int index) {
+          return hosts_.getByteString(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param index The index to set the value at.
+         * @param value The hosts to set.
+         * @return This builder for chaining.
+         */
+        public Builder setHosts(int index, java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureHostsIsMutable();
+          hosts_.set(index, value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param value The hosts to add.
+         * @return This builder for chaining.
+         */
+        public Builder addHosts(java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureHostsIsMutable();
+          hosts_.add(value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param values The hosts to add.
+         * @return This builder for chaining.
+         */
+        public Builder addAllHosts(java.lang.Iterable<java.lang.String> values) {
+          ensureHostsIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, hosts_);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return This builder for chaining.
+         */
+        public Builder clearHosts() {
+          hosts_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000001);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of host names to match. Matched against the ":authority" header in
+         * http requests. At least one host should match. Each host can be an
+         * exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
+         * </pre>
+         *
+         * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param value The bytes of the hosts to add.
+         * @return This builder for chaining.
+         */
+        public Builder addHostsBytes(com.google.protobuf.ByteString value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          checkByteStringIsUtf8(value);
+          ensureHostsIsMutable();
+          hosts_.add(value);
+          onChanged();
+          return this;
+        }
+
+        private com.google.protobuf.Internal.IntList ports_ = emptyIntList();
+
+        private void ensurePortsIsMutable() {
+          if (!((bitField0_ & 0x00000002) != 0)) {
+            ports_ = mutableCopy(ports_);
+            bitField0_ |= 0x00000002;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return A list containing the ports.
+         */
+        public java.util.List<java.lang.Integer> getPortsList() {
+          return ((bitField0_ & 0x00000002) != 0)
+              ? java.util.Collections.unmodifiableList(ports_)
+              : ports_;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return The count of ports.
+         */
+        public int getPortsCount() {
+          return ports_.size();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param index The index of the element to return.
+         * @return The ports at the given index.
+         */
+        public int getPorts(int index) {
+          return ports_.getInt(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param index The index to set the value at.
+         * @param value The ports to set.
+         * @return This builder for chaining.
+         */
+        public Builder setPorts(int index, int value) {
+          ensurePortsIsMutable();
+          ports_.setInt(index, value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param value The ports to add.
+         * @return This builder for chaining.
+         */
+        public Builder addPorts(int value) {
+          ensurePortsIsMutable();
+          ports_.addInt(value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @param values The ports to add.
+         * @return This builder for chaining.
+         */
+        public Builder addAllPorts(java.lang.Iterable<? extends java.lang.Integer> values) {
+          ensurePortsIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, ports_);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Required. List of destination ports to match. At least one port should match.
+         * </pre>
+         *
+         * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+         *
+         * @return This builder for chaining.
+         */
+        public Builder clearPorts() {
+          ports_ = emptyIntList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+          onChanged();
+          return this;
+        }
+
+        private com.google.protobuf.LazyStringList methods_ =
+            com.google.protobuf.LazyStringArrayList.EMPTY;
+
+        private void ensureMethodsIsMutable() {
+          if (!((bitField0_ & 0x00000004) != 0)) {
+            methods_ = new com.google.protobuf.LazyStringArrayList(methods_);
+            bitField0_ |= 0x00000004;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return A list containing the methods.
+         */
+        public com.google.protobuf.ProtocolStringList getMethodsList() {
+          return methods_.getUnmodifiableView();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return The count of methods.
+         */
+        public int getMethodsCount() {
+          return methods_.size();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the element to return.
+         * @return The methods at the given index.
+         */
+        public java.lang.String getMethods(int index) {
+          return methods_.get(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index of the value to return.
+         * @return The bytes of the methods at the given index.
+         */
+        public com.google.protobuf.ByteString getMethodsBytes(int index) {
+          return methods_.getByteString(index);
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param index The index to set the value at.
+         * @param value The methods to set.
+         * @return This builder for chaining.
+         */
+        public Builder setMethods(int index, java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureMethodsIsMutable();
+          methods_.set(index, value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The methods to add.
+         * @return This builder for chaining.
+         */
+        public Builder addMethods(java.lang.String value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureMethodsIsMutable();
+          methods_.add(value);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param values The methods to add.
+         * @return This builder for chaining.
+         */
+        public Builder addAllMethods(java.lang.Iterable<java.lang.String> values) {
+          ensureMethodsIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, methods_);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @return This builder for chaining.
+         */
+        public Builder clearMethods() {
+          methods_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+          bitField0_ = (bitField0_ & ~0x00000004);
+          onChanged();
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. A list of HTTP methods to match. At least one method should
+         * match. Should not be set for gRPC services.
+         * </pre>
+         *
+         * <code>repeated string methods = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
+         *
+         * @param value The bytes of the methods to add.
+         * @return This builder for chaining.
+         */
+        public Builder addMethodsBytes(com.google.protobuf.ByteString value) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          checkByteStringIsUtf8(value);
+          ensureMethodsIsMutable();
+          methods_.add(value);
+          onChanged();
+          return this;
+        }
+
+        private com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            httpHeaderMatch_;
+        private com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatchOrBuilder>
+            httpHeaderMatchBuilder_;
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         *
+         * @return Whether the httpHeaderMatch field is set.
+         */
+        public boolean hasHttpHeaderMatch() {
+          return httpHeaderMatchBuilder_ != null || httpHeaderMatch_ != null;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         *
+         * @return The httpHeaderMatch.
+         */
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch
+            getHttpHeaderMatch() {
+          if (httpHeaderMatchBuilder_ == null) {
+            return httpHeaderMatch_ == null
+                ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch.getDefaultInstance()
+                : httpHeaderMatch_;
+          } else {
+            return httpHeaderMatchBuilder_.getMessage();
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public Builder setHttpHeaderMatch(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                value) {
+          if (httpHeaderMatchBuilder_ == null) {
+            if (value == null) {
+              throw new NullPointerException();
+            }
+            httpHeaderMatch_ = value;
+            onChanged();
+          } else {
+            httpHeaderMatchBuilder_.setMessage(value);
+          }
+
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public Builder setHttpHeaderMatch(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                    .Builder
+                builderForValue) {
+          if (httpHeaderMatchBuilder_ == null) {
+            httpHeaderMatch_ = builderForValue.build();
+            onChanged();
+          } else {
+            httpHeaderMatchBuilder_.setMessage(builderForValue.build());
+          }
+
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public Builder mergeHttpHeaderMatch(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch
+                value) {
+          if (httpHeaderMatchBuilder_ == null) {
+            if (httpHeaderMatch_ != null) {
+              httpHeaderMatch_ =
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                      .HttpHeaderMatch.newBuilder(httpHeaderMatch_)
+                      .mergeFrom(value)
+                      .buildPartial();
+            } else {
+              httpHeaderMatch_ = value;
+            }
+            onChanged();
+          } else {
+            httpHeaderMatchBuilder_.mergeFrom(value);
+          }
+
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public Builder clearHttpHeaderMatch() {
+          if (httpHeaderMatchBuilder_ == null) {
+            httpHeaderMatch_ = null;
+            onChanged();
+          } else {
+            httpHeaderMatch_ = null;
+            httpHeaderMatchBuilder_ = null;
+          }
+
+          return this;
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatch.Builder
+            getHttpHeaderMatchBuilder() {
+
+          onChanged();
+          return getHttpHeaderMatchFieldBuilder().getBuilder();
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                .HttpHeaderMatchOrBuilder
+            getHttpHeaderMatchOrBuilder() {
+          if (httpHeaderMatchBuilder_ != null) {
+            return httpHeaderMatchBuilder_.getMessageOrBuilder();
+          } else {
+            return httpHeaderMatch_ == null
+                ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch.getDefaultInstance()
+                : httpHeaderMatch_;
+          }
+        }
+        /**
+         *
+         *
+         * <pre>
+         * Optional. Match against key:value pair in http header. Provides a flexible match
+         * based on HTTP headers, for potentially advanced use cases. At least one
+         * header should match. Avoid using header matches to make authorization
+         * decisions unless there is a strong guarantee that requests arrive
+         * through a trusted client or proxy.
+         * </pre>
+         *
+         * <code>
+         * .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.HttpHeaderMatch http_header_match = 5 [(.google.api.field_behavior) = OPTIONAL];
+         * </code>
+         */
+        private com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatch.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .HttpHeaderMatchOrBuilder>
+            getHttpHeaderMatchFieldBuilder() {
+          if (httpHeaderMatchBuilder_ == null) {
+            httpHeaderMatchBuilder_ =
+                new com.google.protobuf.SingleFieldBuilderV3<
+                    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatch,
+                    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatch.Builder,
+                    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                        .HttpHeaderMatchOrBuilder>(
+                    getHttpHeaderMatch(), getParentForChildren(), isClean());
+            httpHeaderMatch_ = null;
+          }
+          return httpHeaderMatchBuilder_;
+        }
+
+        @java.lang.Override
+        public final Builder setUnknownFields(
+            final com.google.protobuf.UnknownFieldSet unknownFields) {
+          return super.setUnknownFields(unknownFields);
+        }
+
+        @java.lang.Override
+        public final Builder mergeUnknownFields(
+            final com.google.protobuf.UnknownFieldSet unknownFields) {
+          return super.mergeUnknownFields(unknownFields);
+        }
+
+        // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+      }
+
+      // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination)
+      private static final com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          DEFAULT_INSTANCE;
+
+      static {
+        DEFAULT_INSTANCE =
+            new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination();
+      }
+
+      public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          getDefaultInstance() {
+        return DEFAULT_INSTANCE;
+      }
+
+      private static final com.google.protobuf.Parser<Destination> PARSER =
+          new com.google.protobuf.AbstractParser<Destination>() {
+            @java.lang.Override
+            public Destination parsePartialFrom(
+                com.google.protobuf.CodedInputStream input,
+                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+                throws com.google.protobuf.InvalidProtocolBufferException {
+              return new Destination(input, extensionRegistry);
+            }
+          };
+
+      public static com.google.protobuf.Parser<Destination> parser() {
+        return PARSER;
+      }
+
+      @java.lang.Override
+      public com.google.protobuf.Parser<Destination> getParserForType() {
+        return PARSER;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          getDefaultInstanceForType() {
+        return DEFAULT_INSTANCE;
+      }
+    }
+
+    public static final int SOURCES_FIELD_NUMBER = 1;
+    private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+        sources_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+        getSourcesList() {
+      return sources_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public java.util.List<
+            ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>
+        getSourcesOrBuilderList() {
+      return sources_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public int getSourcesCount() {
+      return sources_.size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source getSources(
+        int index) {
+      return sources_.get(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic source. All of the sources must match.
+     * A source is a match if both principals and ip_blocks match. If not set,
+     * the action specified in the 'action' field will be applied without any
+     * rule checks for the source.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder
+        getSourcesOrBuilder(int index) {
+      return sources_.get(index);
+    }
+
+    public static final int DESTINATIONS_FIELD_NUMBER = 2;
+    private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+        destinations_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+        getDestinationsList() {
+      return destinations_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public java.util.List<
+            ? extends
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder>
+        getDestinationsOrBuilderList() {
+      return destinations_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public int getDestinationsCount() {
+      return destinations_.size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination getDestinations(
+        int index) {
+      return destinations_.get(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of attributes for the traffic destination. All of the destinations
+     * must match. A destination is a match if a request matches all the
+     * specified hosts, ports, methods and headers. If not set, the
+     * action specified in the 'action' field will be applied without any rule
+     * checks for the destination.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder
+        getDestinationsOrBuilder(int index) {
+      return destinations_.get(index);
+    }
+
+    private byte memoizedIsInitialized = -1;
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      byte isInitialized = memoizedIsInitialized;
+      if (isInitialized == 1) return true;
+      if (isInitialized == 0) return false;
+
+      memoizedIsInitialized = 1;
+      return true;
+    }
+
+    @java.lang.Override
+    public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+      for (int i = 0; i < sources_.size(); i++) {
+        output.writeMessage(1, sources_.get(i));
+      }
+      for (int i = 0; i < destinations_.size(); i++) {
+        output.writeMessage(2, destinations_.get(i));
+      }
+      unknownFields.writeTo(output);
+    }
+
+    @java.lang.Override
+    public int getSerializedSize() {
+      int size = memoizedSize;
+      if (size != -1) return size;
+
+      size = 0;
+      for (int i = 0; i < sources_.size(); i++) {
+        size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, sources_.get(i));
+      }
+      for (int i = 0; i < destinations_.size(); i++) {
+        size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, destinations_.get(i));
+      }
+      size += unknownFields.getSerializedSize();
+      memoizedSize = size;
+      return size;
+    }
+
+    @java.lang.Override
+    public boolean equals(final java.lang.Object obj) {
+      if (obj == this) {
+        return true;
+      }
+      if (!(obj instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)) {
+        return super.equals(obj);
+      }
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule other =
+          (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule) obj;
+
+      if (!getSourcesList().equals(other.getSourcesList())) return false;
+      if (!getDestinationsList().equals(other.getDestinationsList())) return false;
+      if (!unknownFields.equals(other.unknownFields)) return false;
+      return true;
+    }
+
+    @java.lang.Override
+    public int hashCode() {
+      if (memoizedHashCode != 0) {
+        return memoizedHashCode;
+      }
+      int hash = 41;
+      hash = (19 * hash) + getDescriptor().hashCode();
+      if (getSourcesCount() > 0) {
+        hash = (37 * hash) + SOURCES_FIELD_NUMBER;
+        hash = (53 * hash) + getSourcesList().hashCode();
+      }
+      if (getDestinationsCount() > 0) {
+        hash = (37 * hash) + DESTINATIONS_FIELD_NUMBER;
+        hash = (53 * hash) + getDestinationsList().hashCode();
+      }
+      hash = (29 * hash) + unknownFields.hashCode();
+      memoizedHashCode = hash;
+      return hash;
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        com.google.protobuf.ByteString data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        com.google.protobuf.ByteString data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        java.io.InputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseDelimitedFrom(
+        java.io.InputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseDelimitedFrom(
+        java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parseFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    @java.lang.Override
+    public Builder newBuilderForType() {
+      return newBuilder();
+    }
+
+    public static Builder newBuilder() {
+      return DEFAULT_INSTANCE.toBuilder();
+    }
+
+    public static Builder newBuilder(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule prototype) {
+      return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+    }
+
+    @java.lang.Override
+    public Builder toBuilder() {
+      return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+    }
+
+    @java.lang.Override
+    protected Builder newBuilderForType(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      Builder builder = new Builder(parent);
+      return builder;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Specification of rules.
+     * </pre>
+     *
+     * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy.Rule}
+     */
+    public static final class Builder
+        extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+        implements
+        // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder {
+      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor;
+      }
+
+      @java.lang.Override
+      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+          internalGetFieldAccessorTable() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_fieldAccessorTable
+            .ensureFieldAccessorsInitialized(
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.class,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder.class);
+      }
+
+      // Construct using com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.newBuilder()
+      private Builder() {
+        maybeForceBuilderInitialization();
+      }
+
+      private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+        super(parent);
+        maybeForceBuilderInitialization();
+      }
+
+      private void maybeForceBuilderInitialization() {
+        if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+          getSourcesFieldBuilder();
+          getDestinationsFieldBuilder();
+        }
+      }
+
+      @java.lang.Override
+      public Builder clear() {
+        super.clear();
+        if (sourcesBuilder_ == null) {
+          sources_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000001);
+        } else {
+          sourcesBuilder_.clear();
+        }
+        if (destinationsBuilder_ == null) {
+          destinations_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          destinationsBuilder_.clear();
+        }
+        return this;
+      }
+
+      @java.lang.Override
+      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+          getDefaultInstanceForType() {
+        return com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.getDefaultInstance();
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule build() {
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule result = buildPartial();
+        if (!result.isInitialized()) {
+          throw newUninitializedMessageException(result);
+        }
+        return result;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule buildPartial() {
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule result =
+            new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule(this);
+        int from_bitField0_ = bitField0_;
+        if (sourcesBuilder_ == null) {
+          if (((bitField0_ & 0x00000001) != 0)) {
+            sources_ = java.util.Collections.unmodifiableList(sources_);
+            bitField0_ = (bitField0_ & ~0x00000001);
+          }
+          result.sources_ = sources_;
+        } else {
+          result.sources_ = sourcesBuilder_.build();
+        }
+        if (destinationsBuilder_ == null) {
+          if (((bitField0_ & 0x00000002) != 0)) {
+            destinations_ = java.util.Collections.unmodifiableList(destinations_);
+            bitField0_ = (bitField0_ & ~0x00000002);
+          }
+          result.destinations_ = destinations_;
+        } else {
+          result.destinations_ = destinationsBuilder_.build();
+        }
+        onBuilt();
+        return result;
+      }
+
+      @java.lang.Override
+      public Builder clone() {
+        return super.clone();
+      }
+
+      @java.lang.Override
+      public Builder setField(
+          com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+        return super.setField(field, value);
+      }
+
+      @java.lang.Override
+      public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+        return super.clearField(field);
+      }
+
+      @java.lang.Override
+      public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+        return super.clearOneof(oneof);
+      }
+
+      @java.lang.Override
+      public Builder setRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field,
+          int index,
+          java.lang.Object value) {
+        return super.setRepeatedField(field, index, value);
+      }
+
+      @java.lang.Override
+      public Builder addRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+        return super.addRepeatedField(field, value);
+      }
+
+      @java.lang.Override
+      public Builder mergeFrom(com.google.protobuf.Message other) {
+        if (other instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule) {
+          return mergeFrom((com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule) other);
+        } else {
+          super.mergeFrom(other);
+          return this;
+        }
+      }
+
+      public Builder mergeFrom(com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule other) {
+        if (other
+            == com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.getDefaultInstance())
+          return this;
+        if (sourcesBuilder_ == null) {
+          if (!other.sources_.isEmpty()) {
+            if (sources_.isEmpty()) {
+              sources_ = other.sources_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+            } else {
+              ensureSourcesIsMutable();
+              sources_.addAll(other.sources_);
+            }
+            onChanged();
+          }
+        } else {
+          if (!other.sources_.isEmpty()) {
+            if (sourcesBuilder_.isEmpty()) {
+              sourcesBuilder_.dispose();
+              sourcesBuilder_ = null;
+              sources_ = other.sources_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+              sourcesBuilder_ =
+                  com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                      ? getSourcesFieldBuilder()
+                      : null;
+            } else {
+              sourcesBuilder_.addAllMessages(other.sources_);
+            }
+          }
+        }
+        if (destinationsBuilder_ == null) {
+          if (!other.destinations_.isEmpty()) {
+            if (destinations_.isEmpty()) {
+              destinations_ = other.destinations_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+            } else {
+              ensureDestinationsIsMutable();
+              destinations_.addAll(other.destinations_);
+            }
+            onChanged();
+          }
+        } else {
+          if (!other.destinations_.isEmpty()) {
+            if (destinationsBuilder_.isEmpty()) {
+              destinationsBuilder_.dispose();
+              destinationsBuilder_ = null;
+              destinations_ = other.destinations_;
+              bitField0_ = (bitField0_ & ~0x00000002);
+              destinationsBuilder_ =
+                  com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                      ? getDestinationsFieldBuilder()
+                      : null;
+            } else {
+              destinationsBuilder_.addAllMessages(other.destinations_);
+            }
+          }
+        }
+        this.mergeUnknownFields(other.unknownFields);
+        onChanged();
+        return this;
+      }
+
+      @java.lang.Override
+      public final boolean isInitialized() {
+        return true;
+      }
+
+      @java.lang.Override
+      public Builder mergeFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule parsedMessage = null;
+        try {
+          parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+        } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+          parsedMessage =
+              (com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+                  e.getUnfinishedMessage();
+          throw e.unwrapIOException();
+        } finally {
+          if (parsedMessage != null) {
+            mergeFrom(parsedMessage);
+          }
+        }
+        return this;
+      }
+
+      private int bitField0_;
+
+      private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+          sources_ = java.util.Collections.emptyList();
+
+      private void ensureSourcesIsMutable() {
+        if (!((bitField0_ & 0x00000001) != 0)) {
+          sources_ =
+              new java.util.ArrayList<
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>(sources_);
+          bitField0_ |= 0x00000001;
+        }
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>
+          sourcesBuilder_;
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+          getSourcesList() {
+        if (sourcesBuilder_ == null) {
+          return java.util.Collections.unmodifiableList(sources_);
+        } else {
+          return sourcesBuilder_.getMessageList();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public int getSourcesCount() {
+        if (sourcesBuilder_ == null) {
+          return sources_.size();
+        } else {
+          return sourcesBuilder_.getCount();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source getSources(
+          int index) {
+        if (sourcesBuilder_ == null) {
+          return sources_.get(index);
+        } else {
+          return sourcesBuilder_.getMessage(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder setSources(
+          int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source value) {
+        if (sourcesBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureSourcesIsMutable();
+          sources_.set(index, value);
+          onChanged();
+        } else {
+          sourcesBuilder_.setMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder setSources(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+              builderForValue) {
+        if (sourcesBuilder_ == null) {
+          ensureSourcesIsMutable();
+          sources_.set(index, builderForValue.build());
+          onChanged();
+        } else {
+          sourcesBuilder_.setMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addSources(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source value) {
+        if (sourcesBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureSourcesIsMutable();
+          sources_.add(value);
+          onChanged();
+        } else {
+          sourcesBuilder_.addMessage(value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addSources(
+          int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source value) {
+        if (sourcesBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureSourcesIsMutable();
+          sources_.add(index, value);
+          onChanged();
+        } else {
+          sourcesBuilder_.addMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addSources(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+              builderForValue) {
+        if (sourcesBuilder_ == null) {
+          ensureSourcesIsMutable();
+          sources_.add(builderForValue.build());
+          onChanged();
+        } else {
+          sourcesBuilder_.addMessage(builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addSources(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+              builderForValue) {
+        if (sourcesBuilder_ == null) {
+          ensureSourcesIsMutable();
+          sources_.add(index, builderForValue.build());
+          onChanged();
+        } else {
+          sourcesBuilder_.addMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addAllSources(
+          java.lang.Iterable<
+                  ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source>
+              values) {
+        if (sourcesBuilder_ == null) {
+          ensureSourcesIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, sources_);
+          onChanged();
+        } else {
+          sourcesBuilder_.addAllMessages(values);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder clearSources() {
+        if (sourcesBuilder_ == null) {
+          sources_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000001);
+          onChanged();
+        } else {
+          sourcesBuilder_.clear();
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder removeSources(int index) {
+        if (sourcesBuilder_ == null) {
+          ensureSourcesIsMutable();
+          sources_.remove(index);
+          onChanged();
+        } else {
+          sourcesBuilder_.remove(index);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+          getSourcesBuilder(int index) {
+        return getSourcesFieldBuilder().getBuilder(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder
+          getSourcesOrBuilder(int index) {
+        if (sourcesBuilder_ == null) {
+          return sources_.get(index);
+        } else {
+          return sourcesBuilder_.getMessageOrBuilder(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<
+              ? extends
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>
+          getSourcesOrBuilderList() {
+        if (sourcesBuilder_ != null) {
+          return sourcesBuilder_.getMessageOrBuilderList();
+        } else {
+          return java.util.Collections.unmodifiableList(sources_);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+          addSourcesBuilder() {
+        return getSourcesFieldBuilder()
+            .addBuilder(
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+                    .getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder
+          addSourcesBuilder(int index) {
+        return getSourcesFieldBuilder()
+            .addBuilder(
+                index,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source
+                    .getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic source. All of the sources must match.
+       * A source is a match if both principals and ip_blocks match. If not set,
+       * the action specified in the 'action' field will be applied without any
+       * rule checks for the source.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source sources = 1 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder>
+          getSourcesBuilderList() {
+        return getSourcesFieldBuilder().getBuilderList();
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>
+          getSourcesFieldBuilder() {
+        if (sourcesBuilder_ == null) {
+          sourcesBuilder_ =
+              new com.google.protobuf.RepeatedFieldBuilderV3<
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Source.Builder,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.SourceOrBuilder>(
+                  sources_, ((bitField0_ & 0x00000001) != 0), getParentForChildren(), isClean());
+          sources_ = null;
+        }
+        return sourcesBuilder_;
+      }
+
+      private java.util.List<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+          destinations_ = java.util.Collections.emptyList();
+
+      private void ensureDestinationsIsMutable() {
+        if (!((bitField0_ & 0x00000002) != 0)) {
+          destinations_ =
+              new java.util.ArrayList<
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>(
+                  destinations_);
+          bitField0_ |= 0x00000002;
+        }
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder>
+          destinationsBuilder_;
+
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+          getDestinationsList() {
+        if (destinationsBuilder_ == null) {
+          return java.util.Collections.unmodifiableList(destinations_);
+        } else {
+          return destinationsBuilder_.getMessageList();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public int getDestinationsCount() {
+        if (destinationsBuilder_ == null) {
+          return destinations_.size();
+        } else {
+          return destinationsBuilder_.getCount();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+          getDestinations(int index) {
+        if (destinationsBuilder_ == null) {
+          return destinations_.get(index);
+        } else {
+          return destinationsBuilder_.getMessage(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder setDestinations(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination value) {
+        if (destinationsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureDestinationsIsMutable();
+          destinations_.set(index, value);
+          onChanged();
+        } else {
+          destinationsBuilder_.setMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder setDestinations(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+              builderForValue) {
+        if (destinationsBuilder_ == null) {
+          ensureDestinationsIsMutable();
+          destinations_.set(index, builderForValue.build());
+          onChanged();
+        } else {
+          destinationsBuilder_.setMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addDestinations(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination value) {
+        if (destinationsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureDestinationsIsMutable();
+          destinations_.add(value);
+          onChanged();
+        } else {
+          destinationsBuilder_.addMessage(value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addDestinations(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination value) {
+        if (destinationsBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureDestinationsIsMutable();
+          destinations_.add(index, value);
+          onChanged();
+        } else {
+          destinationsBuilder_.addMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addDestinations(
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+              builderForValue) {
+        if (destinationsBuilder_ == null) {
+          ensureDestinationsIsMutable();
+          destinations_.add(builderForValue.build());
+          onChanged();
+        } else {
+          destinationsBuilder_.addMessage(builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addDestinations(
+          int index,
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+              builderForValue) {
+        if (destinationsBuilder_ == null) {
+          ensureDestinationsIsMutable();
+          destinations_.add(index, builderForValue.build());
+          onChanged();
+        } else {
+          destinationsBuilder_.addMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder addAllDestinations(
+          java.lang.Iterable<
+                  ? extends
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination>
+              values) {
+        if (destinationsBuilder_ == null) {
+          ensureDestinationsIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, destinations_);
+          onChanged();
+        } else {
+          destinationsBuilder_.addAllMessages(values);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder clearDestinations() {
+        if (destinationsBuilder_ == null) {
+          destinations_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000002);
+          onChanged();
+        } else {
+          destinationsBuilder_.clear();
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public Builder removeDestinations(int index) {
+        if (destinationsBuilder_ == null) {
+          ensureDestinationsIsMutable();
+          destinations_.remove(index);
+          onChanged();
+        } else {
+          destinationsBuilder_.remove(index);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+          getDestinationsBuilder(int index) {
+        return getDestinationsFieldBuilder().getBuilder(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder
+          getDestinationsOrBuilder(int index) {
+        if (destinationsBuilder_ == null) {
+          return destinations_.get(index);
+        } else {
+          return destinationsBuilder_.getMessageOrBuilder(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<
+              ? extends
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder>
+          getDestinationsOrBuilderList() {
+        if (destinationsBuilder_ != null) {
+          return destinationsBuilder_.getMessageOrBuilderList();
+        } else {
+          return java.util.Collections.unmodifiableList(destinations_);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+          addDestinationsBuilder() {
+        return getDestinationsFieldBuilder()
+            .addBuilder(
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder
+          addDestinationsBuilder(int index) {
+        return getDestinationsFieldBuilder()
+            .addBuilder(
+                index,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination
+                    .getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Optional. List of attributes for the traffic destination. All of the destinations
+       * must match. A destination is a match if a request matches all the
+       * specified hosts, ports, methods and headers. If not set, the
+       * action specified in the 'action' field will be applied without any rule
+       * checks for the destination.
+       * </pre>
+       *
+       * <code>
+       * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination destinations = 2 [(.google.api.field_behavior) = OPTIONAL];
+       * </code>
+       */
+      public java.util.List<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder>
+          getDestinationsBuilderList() {
+        return getDestinationsFieldBuilder().getBuilderList();
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.DestinationOrBuilder>
+          getDestinationsFieldBuilder() {
+        if (destinationsBuilder_ == null) {
+          destinationsBuilder_ =
+              new com.google.protobuf.RepeatedFieldBuilderV3<
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Destination.Builder,
+                  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+                      .DestinationOrBuilder>(
+                  destinations_,
+                  ((bitField0_ & 0x00000002) != 0),
+                  getParentForChildren(),
+                  isClean());
+          destinations_ = null;
+        }
+        return destinationsBuilder_;
+      }
+
+      @java.lang.Override
+      public final Builder setUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.setUnknownFields(unknownFields);
+      }
+
+      @java.lang.Override
+      public final Builder mergeUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.mergeUnknownFields(unknownFields);
+      }
+
+      // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+    }
+
+    // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.AuthorizationPolicy.Rule)
+    private static final com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+        DEFAULT_INSTANCE;
+
+    static {
+      DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule();
+    }
+
+    public static com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+        getDefaultInstance() {
+      return DEFAULT_INSTANCE;
+    }
+
+    private static final com.google.protobuf.Parser<Rule> PARSER =
+        new com.google.protobuf.AbstractParser<Rule>() {
+          @java.lang.Override
+          public Rule parsePartialFrom(
+              com.google.protobuf.CodedInputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+            return new Rule(input, extensionRegistry);
+          }
+        };
+
+    public static com.google.protobuf.Parser<Rule> parser() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Parser<Rule> getParserForType() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule
+        getDefaultInstanceForType() {
+      return DEFAULT_INSTANCE;
+    }
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the AuthorizationPolicy resource. It matches pattern
+   * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the AuthorizationPolicy resource. It matches pattern
+   * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DESCRIPTION_FIELD_NUMBER = 2;
+  private volatile java.lang.Object description_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The description.
+   */
+  @java.lang.Override
+  public java.lang.String getDescription() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      description_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for description.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getDescriptionBytes() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      description_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CREATE_TIME_FIELD_NUMBER = 3;
+  private com.google.protobuf.Timestamp createTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasCreateTime() {
+    return createTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getCreateTime() {
+    return createTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : createTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+    return getCreateTime();
+  }
+
+  public static final int UPDATE_TIME_FIELD_NUMBER = 4;
+  private com.google.protobuf.Timestamp updateTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateTime() {
+    return updateTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getUpdateTime() {
+    return updateTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : updateTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+    return getUpdateTime();
+  }
+
+  public static final int LABELS_FIELD_NUMBER = 5;
+
+  private static final class LabelsDefaultEntryHolder {
+    static final com.google.protobuf.MapEntry<java.lang.String, java.lang.String> defaultEntry =
+        com.google.protobuf.MapEntry.<java.lang.String, java.lang.String>newDefaultInstance(
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_descriptor,
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "",
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "");
+  }
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+    if (labels_ == null) {
+      return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+    }
+    return labels_;
+  }
+
+  public int getLabelsCount() {
+    return internalGetLabels().getMap().size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public boolean containsLabels(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    return internalGetLabels().getMap().containsKey(key);
+  }
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Override
+  @java.lang.Deprecated
+  public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+    return getLabelsMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+    return internalGetLabels().getMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrDefault(java.lang.String key, java.lang.String defaultValue) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    return map.containsKey(key) ? map.get(key) : defaultValue;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrThrow(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    if (!map.containsKey(key)) {
+      throw new java.lang.IllegalArgumentException();
+    }
+    return map.get(key);
+  }
+
+  public static final int ACTION_FIELD_NUMBER = 6;
+  private int action_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The action to take when a rule match is found. Possible values
+   * are "ALLOW" or "DENY".
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The enum numeric value on the wire for action.
+   */
+  @java.lang.Override
+  public int getActionValue() {
+    return action_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The action to take when a rule match is found. Possible values
+   * are "ALLOW" or "DENY".
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The action.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action getAction() {
+    @SuppressWarnings("deprecation")
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action result =
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.valueOf(action_);
+    return result == null
+        ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.UNRECOGNIZED
+        : result;
+  }
+
+  public static final int RULES_FIELD_NUMBER = 7;
+  private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule> rules_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule>
+      getRulesList() {
+    return rules_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<
+          ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>
+      getRulesOrBuilderList() {
+    return rules_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public int getRulesCount() {
+    return rules_.size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule getRules(int index) {
+    return rules_.get(index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder getRulesOrBuilder(
+      int index) {
+    return rules_.get(index);
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, description_);
+    }
+    if (createTime_ != null) {
+      output.writeMessage(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      output.writeMessage(4, getUpdateTime());
+    }
+    com.google.protobuf.GeneratedMessageV3.serializeStringMapTo(
+        output, internalGetLabels(), LabelsDefaultEntryHolder.defaultEntry, 5);
+    if (action_
+        != com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.ACTION_UNSPECIFIED
+            .getNumber()) {
+      output.writeEnum(6, action_);
+    }
+    for (int i = 0; i < rules_.size(); i++) {
+      output.writeMessage(7, rules_.get(i));
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, description_);
+    }
+    if (createTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(4, getUpdateTime());
+    }
+    for (java.util.Map.Entry<java.lang.String, java.lang.String> entry :
+        internalGetLabels().getMap().entrySet()) {
+      com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+          LabelsDefaultEntryHolder.defaultEntry
+              .newBuilderForType()
+              .setKey(entry.getKey())
+              .setValue(entry.getValue())
+              .build();
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(5, labels__);
+    }
+    if (action_
+        != com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.ACTION_UNSPECIFIED
+            .getNumber()) {
+      size += com.google.protobuf.CodedOutputStream.computeEnumSize(6, action_);
+    }
+    for (int i = 0; i < rules_.size(); i++) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(7, rules_.get(i));
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.AuthorizationPolicy other =
+        (com.google.cloud.networksecurity.v1.AuthorizationPolicy) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!getDescription().equals(other.getDescription())) return false;
+    if (hasCreateTime() != other.hasCreateTime()) return false;
+    if (hasCreateTime()) {
+      if (!getCreateTime().equals(other.getCreateTime())) return false;
+    }
+    if (hasUpdateTime() != other.hasUpdateTime()) return false;
+    if (hasUpdateTime()) {
+      if (!getUpdateTime().equals(other.getUpdateTime())) return false;
+    }
+    if (!internalGetLabels().equals(other.internalGetLabels())) return false;
+    if (action_ != other.action_) return false;
+    if (!getRulesList().equals(other.getRulesList())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (37 * hash) + DESCRIPTION_FIELD_NUMBER;
+    hash = (53 * hash) + getDescription().hashCode();
+    if (hasCreateTime()) {
+      hash = (37 * hash) + CREATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getCreateTime().hashCode();
+    }
+    if (hasUpdateTime()) {
+      hash = (37 * hash) + UPDATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateTime().hashCode();
+    }
+    if (!internalGetLabels().getMap().isEmpty()) {
+      hash = (37 * hash) + LABELS_FIELD_NUMBER;
+      hash = (53 * hash) + internalGetLabels().hashCode();
+    }
+    hash = (37 * hash) + ACTION_FIELD_NUMBER;
+    hash = (53 * hash) + action_;
+    if (getRulesCount() > 0) {
+      hash = (37 * hash) + RULES_FIELD_NUMBER;
+      hash = (53 * hash) + getRulesList().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * AuthorizationPolicy is a resource that specifies how a server
+   * should authorize incoming connections. This resource in itself does
+   * not change the configuration unless it's attached to a target https
+   * proxy or endpoint config selector resource.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.AuthorizationPolicy}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.AuthorizationPolicy)
+      com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor;
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMutableMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetMutableLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.class,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.AuthorizationPolicy.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+        getRulesFieldBuilder();
+      }
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      description_ = "";
+
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+      internalGetMutableLabels().clear();
+      action_ = 0;
+
+      if (rulesBuilder_ == null) {
+        rules_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      } else {
+        rulesBuilder_.clear();
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy build() {
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy buildPartial() {
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy result =
+          new com.google.cloud.networksecurity.v1.AuthorizationPolicy(this);
+      int from_bitField0_ = bitField0_;
+      result.name_ = name_;
+      result.description_ = description_;
+      if (createTimeBuilder_ == null) {
+        result.createTime_ = createTime_;
+      } else {
+        result.createTime_ = createTimeBuilder_.build();
+      }
+      if (updateTimeBuilder_ == null) {
+        result.updateTime_ = updateTime_;
+      } else {
+        result.updateTime_ = updateTimeBuilder_.build();
+      }
+      result.labels_ = internalGetLabels();
+      result.labels_.makeImmutable();
+      result.action_ = action_;
+      if (rulesBuilder_ == null) {
+        if (((bitField0_ & 0x00000002) != 0)) {
+          rules_ = java.util.Collections.unmodifiableList(rules_);
+          bitField0_ = (bitField0_ & ~0x00000002);
+        }
+        result.rules_ = rules_;
+      } else {
+        result.rules_ = rulesBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.AuthorizationPolicy) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.AuthorizationPolicy) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.AuthorizationPolicy other) {
+      if (other == com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.getDescription().isEmpty()) {
+        description_ = other.description_;
+        onChanged();
+      }
+      if (other.hasCreateTime()) {
+        mergeCreateTime(other.getCreateTime());
+      }
+      if (other.hasUpdateTime()) {
+        mergeUpdateTime(other.getUpdateTime());
+      }
+      internalGetMutableLabels().mergeFrom(other.internalGetLabels());
+      if (other.action_ != 0) {
+        setActionValue(other.getActionValue());
+      }
+      if (rulesBuilder_ == null) {
+        if (!other.rules_.isEmpty()) {
+          if (rules_.isEmpty()) {
+            rules_ = other.rules_;
+            bitField0_ = (bitField0_ & ~0x00000002);
+          } else {
+            ensureRulesIsMutable();
+            rules_.addAll(other.rules_);
+          }
+          onChanged();
+        }
+      } else {
+        if (!other.rules_.isEmpty()) {
+          if (rulesBuilder_.isEmpty()) {
+            rulesBuilder_.dispose();
+            rulesBuilder_ = null;
+            rules_ = other.rules_;
+            bitField0_ = (bitField0_ & ~0x00000002);
+            rulesBuilder_ =
+                com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                    ? getRulesFieldBuilder()
+                    : null;
+          } else {
+            rulesBuilder_.addAllMessages(other.rules_);
+          }
+        }
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.AuthorizationPolicy) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the AuthorizationPolicy resource. It matches pattern
+     * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the AuthorizationPolicy resource. It matches pattern
+     * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the AuthorizationPolicy resource. It matches pattern
+     * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the AuthorizationPolicy resource. It matches pattern
+     * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the AuthorizationPolicy resource. It matches pattern
+     * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object description_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The description.
+     */
+    public java.lang.String getDescription() {
+      java.lang.Object ref = description_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        description_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The bytes for description.
+     */
+    public com.google.protobuf.ByteString getDescriptionBytes() {
+      java.lang.Object ref = description_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        description_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescription(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearDescription() {
+
+      description_ = getDefaultInstance().getDescription();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The bytes for description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescriptionBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp createTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        createTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the createTime field is set.
+     */
+    public boolean hasCreateTime() {
+      return createTimeBuilder_ != null || createTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The createTime.
+     */
+    public com.google.protobuf.Timestamp getCreateTime() {
+      if (createTimeBuilder_ == null) {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      } else {
+        return createTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        createTime_ = value;
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (createTimeBuilder_ == null) {
+        createTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (createTime_ != null) {
+          createTime_ =
+              com.google.protobuf.Timestamp.newBuilder(createTime_).mergeFrom(value).buildPartial();
+        } else {
+          createTime_ = value;
+        }
+        onChanged();
+      } else {
+        createTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearCreateTime() {
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+        onChanged();
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getCreateTimeBuilder() {
+
+      onChanged();
+      return getCreateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+      if (createTimeBuilder_ != null) {
+        return createTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getCreateTimeFieldBuilder() {
+      if (createTimeBuilder_ == null) {
+        createTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getCreateTime(), getParentForChildren(), isClean());
+        createTime_ = null;
+      }
+      return createTimeBuilder_;
+    }
+
+    private com.google.protobuf.Timestamp updateTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        updateTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the updateTime field is set.
+     */
+    public boolean hasUpdateTime() {
+      return updateTimeBuilder_ != null || updateTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The updateTime.
+     */
+    public com.google.protobuf.Timestamp getUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      } else {
+        return updateTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateTime_ = value;
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (updateTime_ != null) {
+          updateTime_ =
+              com.google.protobuf.Timestamp.newBuilder(updateTime_).mergeFrom(value).buildPartial();
+        } else {
+          updateTime_ = value;
+        }
+        onChanged();
+      } else {
+        updateTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+        onChanged();
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getUpdateTimeBuilder() {
+
+      onChanged();
+      return getUpdateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+      if (updateTimeBuilder_ != null) {
+        return updateTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getUpdateTimeFieldBuilder() {
+      if (updateTimeBuilder_ == null) {
+        updateTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getUpdateTime(), getParentForChildren(), isClean());
+        updateTime_ = null;
+      }
+      return updateTimeBuilder_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+      if (labels_ == null) {
+        return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      return labels_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String>
+        internalGetMutableLabels() {
+      onChanged();
+      ;
+      if (labels_ == null) {
+        labels_ = com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      if (!labels_.isMutable()) {
+        labels_ = labels_.copy();
+      }
+      return labels_;
+    }
+
+    public int getLabelsCount() {
+      return internalGetLabels().getMap().size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public boolean containsLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      return internalGetLabels().getMap().containsKey(key);
+    }
+    /** Use {@link #getLabelsMap()} instead. */
+    @java.lang.Override
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+      return getLabelsMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+      return internalGetLabels().getMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrDefault(
+        java.lang.String key, java.lang.String defaultValue) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      return map.containsKey(key) ? map.get(key) : defaultValue;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrThrow(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      if (!map.containsKey(key)) {
+        throw new java.lang.IllegalArgumentException();
+      }
+      return map.get(key);
+    }
+
+    public Builder clearLabels() {
+      internalGetMutableLabels().getMutableMap().clear();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder removeLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      internalGetMutableLabels().getMutableMap().remove(key);
+      return this;
+    }
+    /** Use alternate mutation accessors instead. */
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getMutableLabels() {
+      return internalGetMutableLabels().getMutableMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder putLabels(java.lang.String key, java.lang.String value) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      if (value == null) {
+        throw new NullPointerException("map value");
+      }
+
+      internalGetMutableLabels().getMutableMap().put(key, value);
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder putAllLabels(java.util.Map<java.lang.String, java.lang.String> values) {
+      internalGetMutableLabels().getMutableMap().putAll(values);
+      return this;
+    }
+
+    private int action_ = 0;
+    /**
+     *
+     *
+     * <pre>
+     * Required. The action to take when a rule match is found. Possible values
+     * are "ALLOW" or "DENY".
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The enum numeric value on the wire for action.
+     */
+    @java.lang.Override
+    public int getActionValue() {
+      return action_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The action to take when a rule match is found. Possible values
+     * are "ALLOW" or "DENY".
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @param value The enum numeric value on the wire for action to set.
+     * @return This builder for chaining.
+     */
+    public Builder setActionValue(int value) {
+
+      action_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The action to take when a rule match is found. Possible values
+     * are "ALLOW" or "DENY".
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The action.
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action getAction() {
+      @SuppressWarnings("deprecation")
+      com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action result =
+          com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.valueOf(action_);
+      return result == null
+          ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action.UNRECOGNIZED
+          : result;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The action to take when a rule match is found. Possible values
+     * are "ALLOW" or "DENY".
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @param value The action to set.
+     * @return This builder for chaining.
+     */
+    public Builder setAction(com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      action_ = value.getNumber();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The action to take when a rule match is found. Possible values
+     * are "ALLOW" or "DENY".
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearAction() {
+
+      action_ = 0;
+      onChanged();
+      return this;
+    }
+
+    private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule> rules_ =
+        java.util.Collections.emptyList();
+
+    private void ensureRulesIsMutable() {
+      if (!((bitField0_ & 0x00000002) != 0)) {
+        rules_ =
+            new java.util.ArrayList<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule>(
+                rules_);
+        bitField0_ |= 0x00000002;
+      }
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>
+        rulesBuilder_;
+
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule>
+        getRulesList() {
+      if (rulesBuilder_ == null) {
+        return java.util.Collections.unmodifiableList(rules_);
+      } else {
+        return rulesBuilder_.getMessageList();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public int getRulesCount() {
+      if (rulesBuilder_ == null) {
+        return rules_.size();
+      } else {
+        return rulesBuilder_.getCount();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule getRules(int index) {
+      if (rulesBuilder_ == null) {
+        return rules_.get(index);
+      } else {
+        return rulesBuilder_.getMessage(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setRules(
+        int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule value) {
+      if (rulesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureRulesIsMutable();
+        rules_.set(index, value);
+        onChanged();
+      } else {
+        rulesBuilder_.setMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setRules(
+        int index,
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder builderForValue) {
+      if (rulesBuilder_ == null) {
+        ensureRulesIsMutable();
+        rules_.set(index, builderForValue.build());
+        onChanged();
+      } else {
+        rulesBuilder_.setMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addRules(com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule value) {
+      if (rulesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureRulesIsMutable();
+        rules_.add(value);
+        onChanged();
+      } else {
+        rulesBuilder_.addMessage(value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addRules(
+        int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule value) {
+      if (rulesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureRulesIsMutable();
+        rules_.add(index, value);
+        onChanged();
+      } else {
+        rulesBuilder_.addMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addRules(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder builderForValue) {
+      if (rulesBuilder_ == null) {
+        ensureRulesIsMutable();
+        rules_.add(builderForValue.build());
+        onChanged();
+      } else {
+        rulesBuilder_.addMessage(builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addRules(
+        int index,
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder builderForValue) {
+      if (rulesBuilder_ == null) {
+        ensureRulesIsMutable();
+        rules_.add(index, builderForValue.build());
+        onChanged();
+      } else {
+        rulesBuilder_.addMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addAllRules(
+        java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule>
+            values) {
+      if (rulesBuilder_ == null) {
+        ensureRulesIsMutable();
+        com.google.protobuf.AbstractMessageLite.Builder.addAll(values, rules_);
+        onChanged();
+      } else {
+        rulesBuilder_.addAllMessages(values);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearRules() {
+      if (rulesBuilder_ == null) {
+        rules_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000002);
+        onChanged();
+      } else {
+        rulesBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder removeRules(int index) {
+      if (rulesBuilder_ == null) {
+        ensureRulesIsMutable();
+        rules_.remove(index);
+        onChanged();
+      } else {
+        rulesBuilder_.remove(index);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder getRulesBuilder(
+        int index) {
+      return getRulesFieldBuilder().getBuilder(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder getRulesOrBuilder(
+        int index) {
+      if (rulesBuilder_ == null) {
+        return rules_.get(index);
+      } else {
+        return rulesBuilder_.getMessageOrBuilder(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<
+            ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>
+        getRulesOrBuilderList() {
+      if (rulesBuilder_ != null) {
+        return rulesBuilder_.getMessageOrBuilderList();
+      } else {
+        return java.util.Collections.unmodifiableList(rules_);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder addRulesBuilder() {
+      return getRulesFieldBuilder()
+          .addBuilder(
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder addRulesBuilder(
+        int index) {
+      return getRulesFieldBuilder()
+          .addBuilder(
+              index,
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. List of rules to match. Note that at least one of the rules must match in
+     * order for the action specified in the 'action' field to be taken. A rule is
+     * a match if there is a matching source and destination. If left blank, the
+     * action specified in the `action` field will be applied on every request.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder>
+        getRulesBuilderList() {
+      return getRulesFieldBuilder().getBuilderList();
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>
+        getRulesFieldBuilder() {
+      if (rulesBuilder_ == null) {
+        rulesBuilder_ =
+            new com.google.protobuf.RepeatedFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>(
+                rules_, ((bitField0_ & 0x00000002) != 0), getParentForChildren(), isClean());
+        rules_ = null;
+      }
+      return rulesBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.AuthorizationPolicy)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.AuthorizationPolicy)
+  private static final com.google.cloud.networksecurity.v1.AuthorizationPolicy DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.AuthorizationPolicy();
+  }
+
+  public static com.google.cloud.networksecurity.v1.AuthorizationPolicy getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<AuthorizationPolicy> PARSER =
+      new com.google.protobuf.AbstractParser<AuthorizationPolicy>() {
+        @java.lang.Override
+        public AuthorizationPolicy parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new AuthorizationPolicy(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<AuthorizationPolicy> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<AuthorizationPolicy> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyName.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyName.java
new file mode 100644
index 000000000000..d6af239c1f37
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyName.java
@@ -0,0 +1,232 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+@Generated("by gapic-generator-java")
+public class AuthorizationPolicyName implements ResourceName {
+  private static final PathTemplate PROJECT_LOCATION_AUTHORIZATION_POLICY =
+      PathTemplate.createWithoutUrlEncoding(
+          "projects/{project}/locations/{location}/authorizationPolicies/{authorization_policy}");
+  private volatile Map<String, String> fieldValuesMap;
+  private final String project;
+  private final String location;
+  private final String authorizationPolicy;
+
+  @Deprecated
+  protected AuthorizationPolicyName() {
+    project = null;
+    location = null;
+    authorizationPolicy = null;
+  }
+
+  private AuthorizationPolicyName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    location = Preconditions.checkNotNull(builder.getLocation());
+    authorizationPolicy = Preconditions.checkNotNull(builder.getAuthorizationPolicy());
+  }
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getLocation() {
+    return location;
+  }
+
+  public String getAuthorizationPolicy() {
+    return authorizationPolicy;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  public static AuthorizationPolicyName of(
+      String project, String location, String authorizationPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setAuthorizationPolicy(authorizationPolicy)
+        .build();
+  }
+
+  public static String format(String project, String location, String authorizationPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setAuthorizationPolicy(authorizationPolicy)
+        .build()
+        .toString();
+  }
+
+  public static AuthorizationPolicyName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PROJECT_LOCATION_AUTHORIZATION_POLICY.validatedMatch(
+            formattedString, "AuthorizationPolicyName.parse: formattedString not in valid format");
+    return of(
+        matchMap.get("project"), matchMap.get("location"), matchMap.get("authorization_policy"));
+  }
+
+  public static List<AuthorizationPolicyName> parseList(List<String> formattedStrings) {
+    List<AuthorizationPolicyName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<AuthorizationPolicyName> values) {
+    List<String> list = new ArrayList<>(values.size());
+    for (AuthorizationPolicyName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PROJECT_LOCATION_AUTHORIZATION_POLICY.matches(formattedString);
+  }
+
+  @Override
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          if (project != null) {
+            fieldMapBuilder.put("project", project);
+          }
+          if (location != null) {
+            fieldMapBuilder.put("location", location);
+          }
+          if (authorizationPolicy != null) {
+            fieldMapBuilder.put("authorization_policy", authorizationPolicy);
+          }
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PROJECT_LOCATION_AUTHORIZATION_POLICY.instantiate(
+        "project", project, "location", location, "authorization_policy", authorizationPolicy);
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o != null || getClass() == o.getClass()) {
+      AuthorizationPolicyName that = ((AuthorizationPolicyName) o);
+      return Objects.equals(this.project, that.project)
+          && Objects.equals(this.location, that.location)
+          && Objects.equals(this.authorizationPolicy, that.authorizationPolicy);
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= Objects.hashCode(project);
+    h *= 1000003;
+    h ^= Objects.hashCode(location);
+    h *= 1000003;
+    h ^= Objects.hashCode(authorizationPolicy);
+    return h;
+  }
+
+  /**
+   * Builder for
+   * projects/{project}/locations/{location}/authorizationPolicies/{authorization_policy}.
+   */
+  public static class Builder {
+    private String project;
+    private String location;
+    private String authorizationPolicy;
+
+    protected Builder() {}
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getLocation() {
+      return location;
+    }
+
+    public String getAuthorizationPolicy() {
+      return authorizationPolicy;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setLocation(String location) {
+      this.location = location;
+      return this;
+    }
+
+    public Builder setAuthorizationPolicy(String authorizationPolicy) {
+      this.authorizationPolicy = authorizationPolicy;
+      return this;
+    }
+
+    private Builder(AuthorizationPolicyName authorizationPolicyName) {
+      this.project = authorizationPolicyName.project;
+      this.location = authorizationPolicyName.location;
+      this.authorizationPolicy = authorizationPolicyName.authorizationPolicy;
+    }
+
+    public AuthorizationPolicyName build() {
+      return new AuthorizationPolicyName(this);
+    }
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyOrBuilder.java
new file mode 100644
index 000000000000..84897b0a2378
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyOrBuilder.java
@@ -0,0 +1,321 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface AuthorizationPolicyOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.AuthorizationPolicy)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the AuthorizationPolicy resource. It matches pattern
+   * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the AuthorizationPolicy resource. It matches pattern
+   * `projects/{project}/locations/{location}/authorizationPolicies/&lt;authorization_policy&gt;`.
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The description.
+   */
+  java.lang.String getDescription();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for description.
+   */
+  com.google.protobuf.ByteString getDescriptionBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  boolean hasCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  com.google.protobuf.Timestamp getCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  boolean hasUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  com.google.protobuf.Timestamp getUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  int getLabelsCount();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  boolean containsLabels(java.lang.String key);
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Deprecated
+  java.util.Map<java.lang.String, java.lang.String> getLabels();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  java.util.Map<java.lang.String, java.lang.String> getLabelsMap();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+
+  /* nullable */
+  java.lang.String getLabelsOrDefault(
+      java.lang.String key,
+      /* nullable */
+      java.lang.String defaultValue);
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  java.lang.String getLabelsOrThrow(java.lang.String key);
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The action to take when a rule match is found. Possible values
+   * are "ALLOW" or "DENY".
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The enum numeric value on the wire for action.
+   */
+  int getActionValue();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The action to take when a rule match is found. Possible values
+   * are "ALLOW" or "DENY".
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy.Action action = 6 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The action.
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Action getAction();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule> getRulesList();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy.Rule getRules(int index);
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  int getRulesCount();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  java.util.List<? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder>
+      getRulesOrBuilderList();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. List of rules to match. Note that at least one of the rules must match in
+   * order for the action specified in the 'action' field to be taken. A rule is
+   * a match if there is a matching source and destination. If left blank, the
+   * action specified in the `action` field will be applied on every request.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy.Rule rules = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy.RuleOrBuilder getRulesOrBuilder(
+      int index);
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyProto.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyProto.java
new file mode 100644
index 000000000000..69802deadd54
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/AuthorizationPolicyProto.java
@@ -0,0 +1,283 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class AuthorizationPolicyProto {
+  private AuthorizationPolicyProto() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n:google/cloud/networksecurity/v1/author"
+          + "ization_policy.proto\022\037google.cloud.netwo"
+          + "rksecurity.v1\032\037google/api/field_behavior"
+          + ".proto\032\031google/api/resource.proto\032 googl"
+          + "e/protobuf/field_mask.proto\032\037google/prot"
+          + "obuf/timestamp.proto\"\261\t\n\023AuthorizationPo"
+          + "licy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013description\030\002"
+          + " \001(\tB\003\340A\001\0224\n\013create_time\030\003 \001(\0132\032.google."
+          + "protobuf.TimestampB\003\340A\003\0224\n\013update_time\030\004"
+          + " \001(\0132\032.google.protobuf.TimestampB\003\340A\003\022U\n"
+          + "\006labels\030\005 \003(\0132@.google.cloud.networksecu"
+          + "rity.v1.AuthorizationPolicy.LabelsEntryB"
+          + "\003\340A\001\022P\n\006action\030\006 \001(\0162;.google.cloud.netw"
+          + "orksecurity.v1.AuthorizationPolicy.Actio"
+          + "nB\003\340A\002\022M\n\005rules\030\007 \003(\01329.google.cloud.net"
+          + "worksecurity.v1.AuthorizationPolicy.Rule"
+          + "B\003\340A\001\032\221\004\n\004Rule\022V\n\007sources\030\001 \003(\0132@.google"
+          + ".cloud.networksecurity.v1.AuthorizationP"
+          + "olicy.Rule.SourceB\003\340A\001\022`\n\014destinations\030\002"
+          + " \003(\0132E.google.cloud.networksecurity.v1.A"
+          + "uthorizationPolicy.Rule.DestinationB\003\340A\001"
+          + "\0329\n\006Source\022\027\n\nprincipals\030\001 \003(\tB\003\340A\001\022\026\n\ti"
+          + "p_blocks\030\002 \003(\tB\003\340A\001\032\223\002\n\013Destination\022\022\n\005h"
+          + "osts\030\001 \003(\tB\003\340A\002\022\022\n\005ports\030\002 \003(\rB\003\340A\002\022\024\n\007m"
+          + "ethods\030\004 \003(\tB\003\340A\001\022u\n\021http_header_match\030\005"
+          + " \001(\0132U.google.cloud.networksecurity.v1.A"
+          + "uthorizationPolicy.Rule.Destination.Http"
+          + "HeaderMatchB\003\340A\001\032O\n\017HttpHeaderMatch\022\032\n\013r"
+          + "egex_match\030\002 \001(\tB\003\340A\002H\000\022\030\n\013header_name\030\001"
+          + " \001(\tB\003\340A\002B\006\n\004type\032-\n\013LabelsEntry\022\013\n\003key\030"
+          + "\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001\"5\n\006Action\022\026\n\022AC"
+          + "TION_UNSPECIFIED\020\000\022\t\n\005ALLOW\020\001\022\010\n\004DENY\020\002:"
+          + "\216\001\352A\212\001\n2networksecurity.googleapis.com/A"
+          + "uthorizationPolicy\022Tprojects/{project}/l"
+          + "ocations/{location}/authorizationPolicie"
+          + "s/{authorization_policy}\"\204\001\n ListAuthori"
+          + "zationPoliciesRequest\0229\n\006parent\030\001 \001(\tB)\340"
+          + "A\002\372A#\n!locations.googleapis.com/Location"
+          + "\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npage_token\030\003 \001(\t\""
+          + "\222\001\n!ListAuthorizationPoliciesResponse\022T\n"
+          + "\026authorization_policies\030\001 \003(\01324.google.c"
+          + "loud.networksecurity.v1.AuthorizationPol"
+          + "icy\022\027\n\017next_page_token\030\002 \001(\t\"i\n\035GetAutho"
+          + "rizationPolicyRequest\022H\n\004name\030\001 \001(\tB:\340A\002"
+          + "\372A4\n2networksecurity.googleapis.com/Auth"
+          + "orizationPolicy\"\355\001\n CreateAuthorizationP"
+          + "olicyRequest\022J\n\006parent\030\001 \001(\tB:\340A\002\372A4\0222ne"
+          + "tworksecurity.googleapis.com/Authorizati"
+          + "onPolicy\022$\n\027authorization_policy_id\030\002 \001("
+          + "\tB\003\340A\002\022W\n\024authorization_policy\030\003 \001(\01324.g"
+          + "oogle.cloud.networksecurity.v1.Authoriza"
+          + "tionPolicyB\003\340A\002\"\261\001\n UpdateAuthorizationP"
+          + "olicyRequest\0224\n\013update_mask\030\001 \001(\0132\032.goog"
+          + "le.protobuf.FieldMaskB\003\340A\001\022W\n\024authorizat"
+          + "ion_policy\030\002 \001(\01324.google.cloud.networks"
+          + "ecurity.v1.AuthorizationPolicyB\003\340A\002\"l\n D"
+          + "eleteAuthorizationPolicyRequest\022H\n\004name\030"
+          + "\001 \001(\tB:\340A\002\372A4\n2networksecurity.googleapi"
+          + "s.com/AuthorizationPolicyB\372\001\n#com.google"
+          + ".cloud.networksecurity.v1B\030Authorization"
+          + "PolicyProtoP\001ZNgoogle.golang.org/genprot"
+          + "o/googleapis/cloud/networksecurity/v1;ne"
+          + "tworksecurity\252\002\037Google.Cloud.NetworkSecu"
+          + "rity.V1\312\002\037Google\\Cloud\\NetworkSecurity\\V"
+          + "1\352\002\"Google::Cloud::NetworkSecurity::V1b\006"
+          + "proto3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.FieldBehaviorProto.getDescriptor(),
+              com.google.api.ResourceProto.getDescriptor(),
+              com.google.protobuf.FieldMaskProto.getDescriptor(),
+              com.google.protobuf.TimestampProto.getDescriptor(),
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor,
+            new java.lang.String[] {
+              "Name", "Description", "CreateTime", "UpdateTime", "Labels", "Action", "Rules",
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor =
+        internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor
+            .getNestedTypes()
+            .get(0);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor,
+            new java.lang.String[] {
+              "Sources", "Destinations",
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor =
+        internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor
+            .getNestedTypes()
+            .get(0);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Source_descriptor,
+            new java.lang.String[] {
+              "Principals", "IpBlocks",
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor =
+        internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_descriptor
+            .getNestedTypes()
+            .get(1);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor,
+            new java.lang.String[] {
+              "Hosts", "Ports", "Methods", "HttpHeaderMatch",
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor =
+        internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_descriptor
+            .getNestedTypes()
+            .get(0);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_Rule_Destination_HttpHeaderMatch_descriptor,
+            new java.lang.String[] {
+              "RegexMatch", "HeaderName", "Type",
+            });
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_descriptor =
+        internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_descriptor
+            .getNestedTypes()
+            .get(1);
+    internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_AuthorizationPolicy_LabelsEntry_descriptor,
+            new java.lang.String[] {
+              "Key", "Value",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor =
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "PageSize", "PageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor =
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor,
+            new java.lang.String[] {
+              "AuthorizationPolicies", "NextPageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(3);
+    internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(4);
+    internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "AuthorizationPolicyId", "AuthorizationPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(5);
+    internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "UpdateMask", "AuthorizationPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(6);
+    internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.FieldBehaviorProto.fieldBehavior);
+    registry.add(com.google.api.ResourceProto.resource);
+    registry.add(com.google.api.ResourceProto.resourceReference);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.FieldBehaviorProto.getDescriptor();
+    com.google.api.ResourceProto.getDescriptor();
+    com.google.protobuf.FieldMaskProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProvider.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProvider.java
new file mode 100644
index 000000000000..487a0ef00b33
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProvider.java
@@ -0,0 +1,1225 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Specification of certificate provider. Defines the mechanism to obtain the
+ * certificate and private key for peer to peer authentication.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.CertificateProvider}
+ */
+public final class CertificateProvider extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.CertificateProvider)
+    CertificateProviderOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use CertificateProvider.newBuilder() to construct.
+  private CertificateProvider(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private CertificateProvider() {}
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new CertificateProvider();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private CertificateProvider(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 18:
+            {
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder subBuilder = null;
+              if (typeCase_ == 2) {
+                subBuilder = ((com.google.cloud.networksecurity.v1.GrpcEndpoint) type_).toBuilder();
+              }
+              type_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.GrpcEndpoint.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom((com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+                type_ = subBuilder.buildPartial();
+              }
+              typeCase_ = 2;
+              break;
+            }
+          case 26:
+            {
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder subBuilder =
+                  null;
+              if (typeCase_ == 3) {
+                subBuilder =
+                    ((com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_)
+                        .toBuilder();
+              }
+              type_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.CertificateProviderInstance.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(
+                    (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+                type_ = subBuilder.buildPartial();
+              }
+              typeCase_ = 3;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_CertificateProvider_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.CertificateProvider.class,
+            com.google.cloud.networksecurity.v1.CertificateProvider.Builder.class);
+  }
+
+  private int typeCase_ = 0;
+  private java.lang.Object type_;
+
+  public enum TypeCase
+      implements
+          com.google.protobuf.Internal.EnumLite,
+          com.google.protobuf.AbstractMessage.InternalOneOfEnum {
+    GRPC_ENDPOINT(2),
+    CERTIFICATE_PROVIDER_INSTANCE(3),
+    TYPE_NOT_SET(0);
+    private final int value;
+
+    private TypeCase(int value) {
+      this.value = value;
+    }
+    /**
+     * @param value The number of the enum to look for.
+     * @return The enum associated with the given number.
+     * @deprecated Use {@link #forNumber(int)} instead.
+     */
+    @java.lang.Deprecated
+    public static TypeCase valueOf(int value) {
+      return forNumber(value);
+    }
+
+    public static TypeCase forNumber(int value) {
+      switch (value) {
+        case 2:
+          return GRPC_ENDPOINT;
+        case 3:
+          return CERTIFICATE_PROVIDER_INSTANCE;
+        case 0:
+          return TYPE_NOT_SET;
+        default:
+          return null;
+      }
+    }
+
+    public int getNumber() {
+      return this.value;
+    }
+  };
+
+  public TypeCase getTypeCase() {
+    return TypeCase.forNumber(typeCase_);
+  }
+
+  public static final int GRPC_ENDPOINT_FIELD_NUMBER = 2;
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return Whether the grpcEndpoint field is set.
+   */
+  @java.lang.Override
+  public boolean hasGrpcEndpoint() {
+    return typeCase_ == 2;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return The grpcEndpoint.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint() {
+    if (typeCase_ == 2) {
+      return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+    }
+    return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder() {
+    if (typeCase_ == 2) {
+      return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+    }
+    return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+  }
+
+  public static final int CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER = 3;
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return Whether the certificateProviderInstance field is set.
+   */
+  @java.lang.Override
+  public boolean hasCertificateProviderInstance() {
+    return typeCase_ == 3;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return The certificateProviderInstance.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+      getCertificateProviderInstance() {
+    if (typeCase_ == 3) {
+      return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+    }
+    return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+      getCertificateProviderInstanceOrBuilder() {
+    if (typeCase_ == 3) {
+      return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+    }
+    return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (typeCase_ == 2) {
+      output.writeMessage(2, (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+    }
+    if (typeCase_ == 3) {
+      output.writeMessage(
+          3, (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (typeCase_ == 2) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(
+              2, (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+    }
+    if (typeCase_ == 3) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(
+              3, (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.CertificateProvider)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.CertificateProvider other =
+        (com.google.cloud.networksecurity.v1.CertificateProvider) obj;
+
+    if (!getTypeCase().equals(other.getTypeCase())) return false;
+    switch (typeCase_) {
+      case 2:
+        if (!getGrpcEndpoint().equals(other.getGrpcEndpoint())) return false;
+        break;
+      case 3:
+        if (!getCertificateProviderInstance().equals(other.getCertificateProviderInstance()))
+          return false;
+        break;
+      case 0:
+      default:
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    switch (typeCase_) {
+      case 2:
+        hash = (37 * hash) + GRPC_ENDPOINT_FIELD_NUMBER;
+        hash = (53 * hash) + getGrpcEndpoint().hashCode();
+        break;
+      case 3:
+        hash = (37 * hash) + CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER;
+        hash = (53 * hash) + getCertificateProviderInstance().hashCode();
+        break;
+      case 0:
+      default:
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.CertificateProvider prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of certificate provider. Defines the mechanism to obtain the
+   * certificate and private key for peer to peer authentication.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.CertificateProvider}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.CertificateProvider)
+      com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProvider_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.CertificateProvider.class,
+              com.google.cloud.networksecurity.v1.CertificateProvider.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.CertificateProvider.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      typeCase_ = 0;
+      type_ = null;
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProvider getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProvider build() {
+      com.google.cloud.networksecurity.v1.CertificateProvider result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProvider buildPartial() {
+      com.google.cloud.networksecurity.v1.CertificateProvider result =
+          new com.google.cloud.networksecurity.v1.CertificateProvider(this);
+      if (typeCase_ == 2) {
+        if (grpcEndpointBuilder_ == null) {
+          result.type_ = type_;
+        } else {
+          result.type_ = grpcEndpointBuilder_.build();
+        }
+      }
+      if (typeCase_ == 3) {
+        if (certificateProviderInstanceBuilder_ == null) {
+          result.type_ = type_;
+        } else {
+          result.type_ = certificateProviderInstanceBuilder_.build();
+        }
+      }
+      result.typeCase_ = typeCase_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.CertificateProvider) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.CertificateProvider) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.CertificateProvider other) {
+      if (other == com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance())
+        return this;
+      switch (other.getTypeCase()) {
+        case GRPC_ENDPOINT:
+          {
+            mergeGrpcEndpoint(other.getGrpcEndpoint());
+            break;
+          }
+        case CERTIFICATE_PROVIDER_INSTANCE:
+          {
+            mergeCertificateProviderInstance(other.getCertificateProviderInstance());
+            break;
+          }
+        case TYPE_NOT_SET:
+          {
+            break;
+          }
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.CertificateProvider parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.CertificateProvider) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int typeCase_ = 0;
+    private java.lang.Object type_;
+
+    public TypeCase getTypeCase() {
+      return TypeCase.forNumber(typeCase_);
+    }
+
+    public Builder clearType() {
+      typeCase_ = 0;
+      type_ = null;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.GrpcEndpoint,
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+            com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>
+        grpcEndpointBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     *
+     * @return Whether the grpcEndpoint field is set.
+     */
+    @java.lang.Override
+    public boolean hasGrpcEndpoint() {
+      return typeCase_ == 2;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     *
+     * @return The grpcEndpoint.
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint() {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2) {
+          return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      } else {
+        if (typeCase_ == 2) {
+          return grpcEndpointBuilder_.getMessage();
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder setGrpcEndpoint(com.google.cloud.networksecurity.v1.GrpcEndpoint value) {
+      if (grpcEndpointBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        type_ = value;
+        onChanged();
+      } else {
+        grpcEndpointBuilder_.setMessage(value);
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder setGrpcEndpoint(
+        com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder builderForValue) {
+      if (grpcEndpointBuilder_ == null) {
+        type_ = builderForValue.build();
+        onChanged();
+      } else {
+        grpcEndpointBuilder_.setMessage(builderForValue.build());
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder mergeGrpcEndpoint(com.google.cloud.networksecurity.v1.GrpcEndpoint value) {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2
+            && type_ != com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance()) {
+          type_ =
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.newBuilder(
+                      (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          type_ = value;
+        }
+        onChanged();
+      } else {
+        if (typeCase_ == 2) {
+          grpcEndpointBuilder_.mergeFrom(value);
+        } else {
+          grpcEndpointBuilder_.setMessage(value);
+        }
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder clearGrpcEndpoint() {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2) {
+          typeCase_ = 0;
+          type_ = null;
+          onChanged();
+        }
+      } else {
+        if (typeCase_ == 2) {
+          typeCase_ = 0;
+          type_ = null;
+        }
+        grpcEndpointBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder getGrpcEndpointBuilder() {
+      return getGrpcEndpointFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder() {
+      if ((typeCase_ == 2) && (grpcEndpointBuilder_ != null)) {
+        return grpcEndpointBuilder_.getMessageOrBuilder();
+      } else {
+        if (typeCase_ == 2) {
+          return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the cert and private key.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.GrpcEndpoint,
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+            com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>
+        getGrpcEndpointFieldBuilder() {
+      if (grpcEndpointBuilder_ == null) {
+        if (!(typeCase_ == 2)) {
+          type_ = com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+        }
+        grpcEndpointBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.GrpcEndpoint,
+                com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+                com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>(
+                (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_,
+                getParentForChildren(),
+                isClean());
+        type_ = null;
+      }
+      typeCase_ = 2;
+      onChanged();
+      ;
+      return grpcEndpointBuilder_;
+    }
+
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>
+        certificateProviderInstanceBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     *
+     * @return Whether the certificateProviderInstance field is set.
+     */
+    @java.lang.Override
+    public boolean hasCertificateProviderInstance() {
+      return typeCase_ == 3;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     *
+     * @return The certificateProviderInstance.
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+        getCertificateProviderInstance() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3) {
+          return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      } else {
+        if (typeCase_ == 3) {
+          return certificateProviderInstanceBuilder_.getMessage();
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder setCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance value) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        type_ = value;
+        onChanged();
+      } else {
+        certificateProviderInstanceBuilder_.setMessage(value);
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder setCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder builderForValue) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        type_ = builderForValue.build();
+        onChanged();
+      } else {
+        certificateProviderInstanceBuilder_.setMessage(builderForValue.build());
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder mergeCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance value) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3
+            && type_
+                != com.google.cloud.networksecurity.v1.CertificateProviderInstance
+                    .getDefaultInstance()) {
+          type_ =
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.newBuilder(
+                      (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          type_ = value;
+        }
+        onChanged();
+      } else {
+        if (typeCase_ == 3) {
+          certificateProviderInstanceBuilder_.mergeFrom(value);
+        } else {
+          certificateProviderInstanceBuilder_.setMessage(value);
+        }
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder clearCertificateProviderInstance() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3) {
+          typeCase_ = 0;
+          type_ = null;
+          onChanged();
+        }
+      } else {
+        if (typeCase_ == 3) {
+          typeCase_ = 0;
+          type_ = null;
+        }
+        certificateProviderInstanceBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder
+        getCertificateProviderInstanceBuilder() {
+      return getCertificateProviderInstanceFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+        getCertificateProviderInstanceOrBuilder() {
+      if ((typeCase_ == 3) && (certificateProviderInstanceBuilder_ != null)) {
+        return certificateProviderInstanceBuilder_.getMessageOrBuilder();
+      } else {
+        if (typeCase_ == 3) {
+          return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>
+        getCertificateProviderInstanceFieldBuilder() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (!(typeCase_ == 3)) {
+          type_ =
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+        }
+        certificateProviderInstanceBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+                com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+                com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>(
+                (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_,
+                getParentForChildren(),
+                isClean());
+        type_ = null;
+      }
+      typeCase_ = 3;
+      onChanged();
+      ;
+      return certificateProviderInstanceBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.CertificateProvider)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.CertificateProvider)
+  private static final com.google.cloud.networksecurity.v1.CertificateProvider DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.CertificateProvider();
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProvider getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<CertificateProvider> PARSER =
+      new com.google.protobuf.AbstractParser<CertificateProvider>() {
+        @java.lang.Override
+        public CertificateProvider parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new CertificateProvider(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<CertificateProvider> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<CertificateProvider> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProvider getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstance.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstance.java
new file mode 100644
index 000000000000..5c6552b1ddf2
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstance.java
@@ -0,0 +1,666 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Specification of a TLS certificate provider instance. Workloads may have one
+ * or more CertificateProvider instances (plugins) and one of them is enabled
+ * and configured by specifying this message. Workloads use the values from this
+ * message to locate and load the CertificateProvider instance configuration.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.CertificateProviderInstance}
+ */
+public final class CertificateProviderInstance extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.CertificateProviderInstance)
+    CertificateProviderInstanceOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use CertificateProviderInstance.newBuilder() to construct.
+  private CertificateProviderInstance(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private CertificateProviderInstance() {
+    pluginInstance_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new CertificateProviderInstance();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private CertificateProviderInstance(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              pluginInstance_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.class,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder.class);
+  }
+
+  public static final int PLUGIN_INSTANCE_FIELD_NUMBER = 1;
+  private volatile java.lang.Object pluginInstance_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Plugin instance name, used to locate and load CertificateProvider instance
+   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+   * Authority Service certificate provider instance.
+   * </pre>
+   *
+   * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The pluginInstance.
+   */
+  @java.lang.Override
+  public java.lang.String getPluginInstance() {
+    java.lang.Object ref = pluginInstance_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      pluginInstance_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Plugin instance name, used to locate and load CertificateProvider instance
+   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+   * Authority Service certificate provider instance.
+   * </pre>
+   *
+   * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for pluginInstance.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getPluginInstanceBytes() {
+    java.lang.Object ref = pluginInstance_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      pluginInstance_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pluginInstance_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, pluginInstance_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pluginInstance_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, pluginInstance_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.CertificateProviderInstance)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.CertificateProviderInstance other =
+        (com.google.cloud.networksecurity.v1.CertificateProviderInstance) obj;
+
+    if (!getPluginInstance().equals(other.getPluginInstance())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PLUGIN_INSTANCE_FIELD_NUMBER;
+    hash = (53 * hash) + getPluginInstance().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.CertificateProviderInstance prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of a TLS certificate provider instance. Workloads may have one
+   * or more CertificateProvider instances (plugins) and one of them is enabled
+   * and configured by specifying this message. Workloads use the values from this
+   * message to locate and load the CertificateProvider instance configuration.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.CertificateProviderInstance}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.CertificateProviderInstance)
+      com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.class,
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.CertificateProviderInstance.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      pluginInstance_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance build() {
+      com.google.cloud.networksecurity.v1.CertificateProviderInstance result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance buildPartial() {
+      com.google.cloud.networksecurity.v1.CertificateProviderInstance result =
+          new com.google.cloud.networksecurity.v1.CertificateProviderInstance(this);
+      result.pluginInstance_ = pluginInstance_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.CertificateProviderInstance) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.CertificateProviderInstance) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance())
+        return this;
+      if (!other.getPluginInstance().isEmpty()) {
+        pluginInstance_ = other.pluginInstance_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.CertificateProviderInstance parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.CertificateProviderInstance)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object pluginInstance_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Plugin instance name, used to locate and load CertificateProvider instance
+     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+     * Authority Service certificate provider instance.
+     * </pre>
+     *
+     * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The pluginInstance.
+     */
+    public java.lang.String getPluginInstance() {
+      java.lang.Object ref = pluginInstance_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        pluginInstance_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Plugin instance name, used to locate and load CertificateProvider instance
+     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+     * Authority Service certificate provider instance.
+     * </pre>
+     *
+     * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for pluginInstance.
+     */
+    public com.google.protobuf.ByteString getPluginInstanceBytes() {
+      java.lang.Object ref = pluginInstance_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        pluginInstance_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Plugin instance name, used to locate and load CertificateProvider instance
+     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+     * Authority Service certificate provider instance.
+     * </pre>
+     *
+     * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The pluginInstance to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPluginInstance(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      pluginInstance_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Plugin instance name, used to locate and load CertificateProvider instance
+     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+     * Authority Service certificate provider instance.
+     * </pre>
+     *
+     * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPluginInstance() {
+
+      pluginInstance_ = getDefaultInstance().getPluginInstance();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Plugin instance name, used to locate and load CertificateProvider instance
+     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+     * Authority Service certificate provider instance.
+     * </pre>
+     *
+     * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for pluginInstance to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPluginInstanceBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      pluginInstance_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.CertificateProviderInstance)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.CertificateProviderInstance)
+  private static final com.google.cloud.networksecurity.v1.CertificateProviderInstance
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.CertificateProviderInstance();
+  }
+
+  public static com.google.cloud.networksecurity.v1.CertificateProviderInstance
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<CertificateProviderInstance> PARSER =
+      new com.google.protobuf.AbstractParser<CertificateProviderInstance>() {
+        @java.lang.Override
+        public CertificateProviderInstance parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new CertificateProviderInstance(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<CertificateProviderInstance> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<CertificateProviderInstance> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstanceOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstanceOrBuilder.java
new file mode 100644
index 000000000000..4bfde71fce23
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderInstanceOrBuilder.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface CertificateProviderInstanceOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.CertificateProviderInstance)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Plugin instance name, used to locate and load CertificateProvider instance
+   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+   * Authority Service certificate provider instance.
+   * </pre>
+   *
+   * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The pluginInstance.
+   */
+  java.lang.String getPluginInstance();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Plugin instance name, used to locate and load CertificateProvider instance
+   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
+   * Authority Service certificate provider instance.
+   * </pre>
+   *
+   * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for pluginInstance.
+   */
+  com.google.protobuf.ByteString getPluginInstanceBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderOrBuilder.java
new file mode 100644
index 000000000000..e62cd941beef
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CertificateProviderOrBuilder.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface CertificateProviderOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.CertificateProvider)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return Whether the grpcEndpoint field is set.
+   */
+  boolean hasGrpcEndpoint();
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return The grpcEndpoint.
+   */
+  com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint();
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the cert and private key.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   */
+  com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return Whether the certificateProviderInstance field is set.
+   */
+  boolean hasCertificateProviderInstance();
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return The certificateProviderInstance.
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderInstance getCertificateProviderInstance();
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+      getCertificateProviderInstanceOrBuilder();
+
+  public com.google.cloud.networksecurity.v1.CertificateProvider.TypeCase getTypeCase();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicy.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicy.java
new file mode 100644
index 000000000000..ced1a724fdb5
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicy.java
@@ -0,0 +1,2842 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * ClientTlsPolicy is a resource that specifies how a client should authenticate
+ * connections to backends of a service. This resource itself does not affect
+ * configuration unless it is attached to a backend service resource.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ClientTlsPolicy}
+ */
+public final class ClientTlsPolicy extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ClientTlsPolicy)
+    ClientTlsPolicyOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ClientTlsPolicy.newBuilder() to construct.
+  private ClientTlsPolicy(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ClientTlsPolicy() {
+    name_ = "";
+    description_ = "";
+    sni_ = "";
+    serverValidationCa_ = java.util.Collections.emptyList();
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ClientTlsPolicy();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ClientTlsPolicy(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              description_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (createTime_ != null) {
+                subBuilder = createTime_.toBuilder();
+              }
+              createTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(createTime_);
+                createTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 34:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (updateTime_ != null) {
+                subBuilder = updateTime_.toBuilder();
+              }
+              updateTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateTime_);
+                updateTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 42:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                labels_ =
+                    com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+                mutable_bitField0_ |= 0x00000001;
+              }
+              com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+                  input.readMessage(
+                      LabelsDefaultEntryHolder.defaultEntry.getParserForType(), extensionRegistry);
+              labels_.getMutableMap().put(labels__.getKey(), labels__.getValue());
+              break;
+            }
+          case 50:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              sni_ = s;
+              break;
+            }
+          case 58:
+            {
+              com.google.cloud.networksecurity.v1.CertificateProvider.Builder subBuilder = null;
+              if (clientCertificate_ != null) {
+                subBuilder = clientCertificate_.toBuilder();
+              }
+              clientCertificate_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.CertificateProvider.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(clientCertificate_);
+                clientCertificate_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 66:
+            {
+              if (!((mutable_bitField0_ & 0x00000002) != 0)) {
+                serverValidationCa_ =
+                    new java.util.ArrayList<com.google.cloud.networksecurity.v1.ValidationCA>();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              serverValidationCa_.add(
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ValidationCA.parser(),
+                      extensionRegistry));
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) != 0)) {
+        serverValidationCa_ = java.util.Collections.unmodifiableList(serverValidationCa_);
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor;
+  }
+
+  @SuppressWarnings({"rawtypes"})
+  @java.lang.Override
+  protected com.google.protobuf.MapField internalGetMapField(int number) {
+    switch (number) {
+      case 5:
+        return internalGetLabels();
+      default:
+        throw new RuntimeException("Invalid map field number: " + number);
+    }
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.class,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DESCRIPTION_FIELD_NUMBER = 2;
+  private volatile java.lang.Object description_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The description.
+   */
+  @java.lang.Override
+  public java.lang.String getDescription() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      description_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for description.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getDescriptionBytes() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      description_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CREATE_TIME_FIELD_NUMBER = 3;
+  private com.google.protobuf.Timestamp createTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasCreateTime() {
+    return createTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getCreateTime() {
+    return createTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : createTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+    return getCreateTime();
+  }
+
+  public static final int UPDATE_TIME_FIELD_NUMBER = 4;
+  private com.google.protobuf.Timestamp updateTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateTime() {
+    return updateTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getUpdateTime() {
+    return updateTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : updateTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+    return getUpdateTime();
+  }
+
+  public static final int LABELS_FIELD_NUMBER = 5;
+
+  private static final class LabelsDefaultEntryHolder {
+    static final com.google.protobuf.MapEntry<java.lang.String, java.lang.String> defaultEntry =
+        com.google.protobuf.MapEntry.<java.lang.String, java.lang.String>newDefaultInstance(
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_descriptor,
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "",
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "");
+  }
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+    if (labels_ == null) {
+      return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+    }
+    return labels_;
+  }
+
+  public int getLabelsCount() {
+    return internalGetLabels().getMap().size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public boolean containsLabels(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    return internalGetLabels().getMap().containsKey(key);
+  }
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Override
+  @java.lang.Deprecated
+  public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+    return getLabelsMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+    return internalGetLabels().getMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrDefault(java.lang.String key, java.lang.String defaultValue) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    return map.containsKey(key) ? map.get(key) : defaultValue;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrThrow(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    if (!map.containsKey(key)) {
+      throw new java.lang.IllegalArgumentException();
+    }
+    return map.get(key);
+  }
+
+  public static final int SNI_FIELD_NUMBER = 6;
+  private volatile java.lang.Object sni_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Server Name Indication string to present to the server during TLS
+   * handshake. E.g: "secure.example.com".
+   * </pre>
+   *
+   * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The sni.
+   */
+  @java.lang.Override
+  public java.lang.String getSni() {
+    java.lang.Object ref = sni_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      sni_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Server Name Indication string to present to the server during TLS
+   * handshake. E.g: "secure.example.com".
+   * </pre>
+   *
+   * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for sni.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getSniBytes() {
+    java.lang.Object ref = sni_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      sni_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CLIENT_CERTIFICATE_FIELD_NUMBER = 7;
+  private com.google.cloud.networksecurity.v1.CertificateProvider clientCertificate_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the clientCertificate field is set.
+   */
+  @java.lang.Override
+  public boolean hasClientCertificate() {
+    return clientCertificate_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The clientCertificate.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProvider getClientCertificate() {
+    return clientCertificate_ == null
+        ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+        : clientCertificate_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder
+      getClientCertificateOrBuilder() {
+    return getClientCertificate();
+  }
+
+  public static final int SERVER_VALIDATION_CA_FIELD_NUMBER = 8;
+  private java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> serverValidationCa_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA>
+      getServerValidationCaList() {
+    return serverValidationCa_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+      getServerValidationCaOrBuilderList() {
+    return serverValidationCa_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public int getServerValidationCaCount() {
+    return serverValidationCa_.size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ValidationCA getServerValidationCa(int index) {
+    return serverValidationCa_.get(index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ValidationCAOrBuilder getServerValidationCaOrBuilder(
+      int index) {
+    return serverValidationCa_.get(index);
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, description_);
+    }
+    if (createTime_ != null) {
+      output.writeMessage(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      output.writeMessage(4, getUpdateTime());
+    }
+    com.google.protobuf.GeneratedMessageV3.serializeStringMapTo(
+        output, internalGetLabels(), LabelsDefaultEntryHolder.defaultEntry, 5);
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(sni_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 6, sni_);
+    }
+    if (clientCertificate_ != null) {
+      output.writeMessage(7, getClientCertificate());
+    }
+    for (int i = 0; i < serverValidationCa_.size(); i++) {
+      output.writeMessage(8, serverValidationCa_.get(i));
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, description_);
+    }
+    if (createTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(4, getUpdateTime());
+    }
+    for (java.util.Map.Entry<java.lang.String, java.lang.String> entry :
+        internalGetLabels().getMap().entrySet()) {
+      com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+          LabelsDefaultEntryHolder.defaultEntry
+              .newBuilderForType()
+              .setKey(entry.getKey())
+              .setValue(entry.getValue())
+              .build();
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(5, labels__);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(sni_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(6, sni_);
+    }
+    if (clientCertificate_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(7, getClientCertificate());
+    }
+    for (int i = 0; i < serverValidationCa_.size(); i++) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(8, serverValidationCa_.get(i));
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ClientTlsPolicy)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ClientTlsPolicy other =
+        (com.google.cloud.networksecurity.v1.ClientTlsPolicy) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!getDescription().equals(other.getDescription())) return false;
+    if (hasCreateTime() != other.hasCreateTime()) return false;
+    if (hasCreateTime()) {
+      if (!getCreateTime().equals(other.getCreateTime())) return false;
+    }
+    if (hasUpdateTime() != other.hasUpdateTime()) return false;
+    if (hasUpdateTime()) {
+      if (!getUpdateTime().equals(other.getUpdateTime())) return false;
+    }
+    if (!internalGetLabels().equals(other.internalGetLabels())) return false;
+    if (!getSni().equals(other.getSni())) return false;
+    if (hasClientCertificate() != other.hasClientCertificate()) return false;
+    if (hasClientCertificate()) {
+      if (!getClientCertificate().equals(other.getClientCertificate())) return false;
+    }
+    if (!getServerValidationCaList().equals(other.getServerValidationCaList())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (37 * hash) + DESCRIPTION_FIELD_NUMBER;
+    hash = (53 * hash) + getDescription().hashCode();
+    if (hasCreateTime()) {
+      hash = (37 * hash) + CREATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getCreateTime().hashCode();
+    }
+    if (hasUpdateTime()) {
+      hash = (37 * hash) + UPDATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateTime().hashCode();
+    }
+    if (!internalGetLabels().getMap().isEmpty()) {
+      hash = (37 * hash) + LABELS_FIELD_NUMBER;
+      hash = (53 * hash) + internalGetLabels().hashCode();
+    }
+    hash = (37 * hash) + SNI_FIELD_NUMBER;
+    hash = (53 * hash) + getSni().hashCode();
+    if (hasClientCertificate()) {
+      hash = (37 * hash) + CLIENT_CERTIFICATE_FIELD_NUMBER;
+      hash = (53 * hash) + getClientCertificate().hashCode();
+    }
+    if (getServerValidationCaCount() > 0) {
+      hash = (37 * hash) + SERVER_VALIDATION_CA_FIELD_NUMBER;
+      hash = (53 * hash) + getServerValidationCaList().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(com.google.cloud.networksecurity.v1.ClientTlsPolicy prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * ClientTlsPolicy is a resource that specifies how a client should authenticate
+   * connections to backends of a service. This resource itself does not affect
+   * configuration unless it is attached to a backend service resource.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ClientTlsPolicy}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ClientTlsPolicy)
+      com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor;
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMutableMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetMutableLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.class,
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.ClientTlsPolicy.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+        getServerValidationCaFieldBuilder();
+      }
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      description_ = "";
+
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+      internalGetMutableLabels().clear();
+      sni_ = "";
+
+      if (clientCertificateBuilder_ == null) {
+        clientCertificate_ = null;
+      } else {
+        clientCertificate_ = null;
+        clientCertificateBuilder_ = null;
+      }
+      if (serverValidationCaBuilder_ == null) {
+        serverValidationCa_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      } else {
+        serverValidationCaBuilder_.clear();
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy build() {
+      com.google.cloud.networksecurity.v1.ClientTlsPolicy result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy buildPartial() {
+      com.google.cloud.networksecurity.v1.ClientTlsPolicy result =
+          new com.google.cloud.networksecurity.v1.ClientTlsPolicy(this);
+      int from_bitField0_ = bitField0_;
+      result.name_ = name_;
+      result.description_ = description_;
+      if (createTimeBuilder_ == null) {
+        result.createTime_ = createTime_;
+      } else {
+        result.createTime_ = createTimeBuilder_.build();
+      }
+      if (updateTimeBuilder_ == null) {
+        result.updateTime_ = updateTime_;
+      } else {
+        result.updateTime_ = updateTimeBuilder_.build();
+      }
+      result.labels_ = internalGetLabels();
+      result.labels_.makeImmutable();
+      result.sni_ = sni_;
+      if (clientCertificateBuilder_ == null) {
+        result.clientCertificate_ = clientCertificate_;
+      } else {
+        result.clientCertificate_ = clientCertificateBuilder_.build();
+      }
+      if (serverValidationCaBuilder_ == null) {
+        if (((bitField0_ & 0x00000002) != 0)) {
+          serverValidationCa_ = java.util.Collections.unmodifiableList(serverValidationCa_);
+          bitField0_ = (bitField0_ & ~0x00000002);
+        }
+        result.serverValidationCa_ = serverValidationCa_;
+      } else {
+        result.serverValidationCa_ = serverValidationCaBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ClientTlsPolicy) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ClientTlsPolicy) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.ClientTlsPolicy other) {
+      if (other == com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.getDescription().isEmpty()) {
+        description_ = other.description_;
+        onChanged();
+      }
+      if (other.hasCreateTime()) {
+        mergeCreateTime(other.getCreateTime());
+      }
+      if (other.hasUpdateTime()) {
+        mergeUpdateTime(other.getUpdateTime());
+      }
+      internalGetMutableLabels().mergeFrom(other.internalGetLabels());
+      if (!other.getSni().isEmpty()) {
+        sni_ = other.sni_;
+        onChanged();
+      }
+      if (other.hasClientCertificate()) {
+        mergeClientCertificate(other.getClientCertificate());
+      }
+      if (serverValidationCaBuilder_ == null) {
+        if (!other.serverValidationCa_.isEmpty()) {
+          if (serverValidationCa_.isEmpty()) {
+            serverValidationCa_ = other.serverValidationCa_;
+            bitField0_ = (bitField0_ & ~0x00000002);
+          } else {
+            ensureServerValidationCaIsMutable();
+            serverValidationCa_.addAll(other.serverValidationCa_);
+          }
+          onChanged();
+        }
+      } else {
+        if (!other.serverValidationCa_.isEmpty()) {
+          if (serverValidationCaBuilder_.isEmpty()) {
+            serverValidationCaBuilder_.dispose();
+            serverValidationCaBuilder_ = null;
+            serverValidationCa_ = other.serverValidationCa_;
+            bitField0_ = (bitField0_ & ~0x00000002);
+            serverValidationCaBuilder_ =
+                com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                    ? getServerValidationCaFieldBuilder()
+                    : null;
+          } else {
+            serverValidationCaBuilder_.addAllMessages(other.serverValidationCa_);
+          }
+        }
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ClientTlsPolicy parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ClientTlsPolicy) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object description_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The description.
+     */
+    public java.lang.String getDescription() {
+      java.lang.Object ref = description_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        description_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The bytes for description.
+     */
+    public com.google.protobuf.ByteString getDescriptionBytes() {
+      java.lang.Object ref = description_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        description_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescription(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearDescription() {
+
+      description_ = getDefaultInstance().getDescription();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The bytes for description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescriptionBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp createTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        createTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the createTime field is set.
+     */
+    public boolean hasCreateTime() {
+      return createTimeBuilder_ != null || createTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The createTime.
+     */
+    public com.google.protobuf.Timestamp getCreateTime() {
+      if (createTimeBuilder_ == null) {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      } else {
+        return createTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        createTime_ = value;
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (createTimeBuilder_ == null) {
+        createTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (createTime_ != null) {
+          createTime_ =
+              com.google.protobuf.Timestamp.newBuilder(createTime_).mergeFrom(value).buildPartial();
+        } else {
+          createTime_ = value;
+        }
+        onChanged();
+      } else {
+        createTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearCreateTime() {
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+        onChanged();
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getCreateTimeBuilder() {
+
+      onChanged();
+      return getCreateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+      if (createTimeBuilder_ != null) {
+        return createTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getCreateTimeFieldBuilder() {
+      if (createTimeBuilder_ == null) {
+        createTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getCreateTime(), getParentForChildren(), isClean());
+        createTime_ = null;
+      }
+      return createTimeBuilder_;
+    }
+
+    private com.google.protobuf.Timestamp updateTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        updateTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the updateTime field is set.
+     */
+    public boolean hasUpdateTime() {
+      return updateTimeBuilder_ != null || updateTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The updateTime.
+     */
+    public com.google.protobuf.Timestamp getUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      } else {
+        return updateTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateTime_ = value;
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (updateTime_ != null) {
+          updateTime_ =
+              com.google.protobuf.Timestamp.newBuilder(updateTime_).mergeFrom(value).buildPartial();
+        } else {
+          updateTime_ = value;
+        }
+        onChanged();
+      } else {
+        updateTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+        onChanged();
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getUpdateTimeBuilder() {
+
+      onChanged();
+      return getUpdateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+      if (updateTimeBuilder_ != null) {
+        return updateTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getUpdateTimeFieldBuilder() {
+      if (updateTimeBuilder_ == null) {
+        updateTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getUpdateTime(), getParentForChildren(), isClean());
+        updateTime_ = null;
+      }
+      return updateTimeBuilder_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+      if (labels_ == null) {
+        return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      return labels_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String>
+        internalGetMutableLabels() {
+      onChanged();
+      ;
+      if (labels_ == null) {
+        labels_ = com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      if (!labels_.isMutable()) {
+        labels_ = labels_.copy();
+      }
+      return labels_;
+    }
+
+    public int getLabelsCount() {
+      return internalGetLabels().getMap().size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public boolean containsLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      return internalGetLabels().getMap().containsKey(key);
+    }
+    /** Use {@link #getLabelsMap()} instead. */
+    @java.lang.Override
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+      return getLabelsMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+      return internalGetLabels().getMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrDefault(
+        java.lang.String key, java.lang.String defaultValue) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      return map.containsKey(key) ? map.get(key) : defaultValue;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrThrow(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      if (!map.containsKey(key)) {
+        throw new java.lang.IllegalArgumentException();
+      }
+      return map.get(key);
+    }
+
+    public Builder clearLabels() {
+      internalGetMutableLabels().getMutableMap().clear();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder removeLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      internalGetMutableLabels().getMutableMap().remove(key);
+      return this;
+    }
+    /** Use alternate mutation accessors instead. */
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getMutableLabels() {
+      return internalGetMutableLabels().getMutableMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder putLabels(java.lang.String key, java.lang.String value) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      if (value == null) {
+        throw new NullPointerException("map value");
+      }
+
+      internalGetMutableLabels().getMutableMap().put(key, value);
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+     */
+    public Builder putAllLabels(java.util.Map<java.lang.String, java.lang.String> values) {
+      internalGetMutableLabels().getMutableMap().putAll(values);
+      return this;
+    }
+
+    private java.lang.Object sni_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Server Name Indication string to present to the server during TLS
+     * handshake. E.g: "secure.example.com".
+     * </pre>
+     *
+     * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The sni.
+     */
+    public java.lang.String getSni() {
+      java.lang.Object ref = sni_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        sni_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Server Name Indication string to present to the server during TLS
+     * handshake. E.g: "secure.example.com".
+     * </pre>
+     *
+     * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return The bytes for sni.
+     */
+    public com.google.protobuf.ByteString getSniBytes() {
+      java.lang.Object ref = sni_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        sni_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Server Name Indication string to present to the server during TLS
+     * handshake. E.g: "secure.example.com".
+     * </pre>
+     *
+     * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The sni to set.
+     * @return This builder for chaining.
+     */
+    public Builder setSni(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      sni_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Server Name Indication string to present to the server during TLS
+     * handshake. E.g: "secure.example.com".
+     * </pre>
+     *
+     * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearSni() {
+
+      sni_ = getDefaultInstance().getSni();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Server Name Indication string to present to the server during TLS
+     * handshake. E.g: "secure.example.com".
+     * </pre>
+     *
+     * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+     *
+     * @param value The bytes for sni to set.
+     * @return This builder for chaining.
+     */
+    public Builder setSniBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      sni_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.cloud.networksecurity.v1.CertificateProvider clientCertificate_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProvider,
+            com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>
+        clientCertificateBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return Whether the clientCertificate field is set.
+     */
+    public boolean hasClientCertificate() {
+      return clientCertificateBuilder_ != null || clientCertificate_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The clientCertificate.
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProvider getClientCertificate() {
+      if (clientCertificateBuilder_ == null) {
+        return clientCertificate_ == null
+            ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+            : clientCertificate_;
+      } else {
+        return clientCertificateBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setClientCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider value) {
+      if (clientCertificateBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        clientCertificate_ = value;
+        onChanged();
+      } else {
+        clientCertificateBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setClientCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider.Builder builderForValue) {
+      if (clientCertificateBuilder_ == null) {
+        clientCertificate_ = builderForValue.build();
+        onChanged();
+      } else {
+        clientCertificateBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder mergeClientCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider value) {
+      if (clientCertificateBuilder_ == null) {
+        if (clientCertificate_ != null) {
+          clientCertificate_ =
+              com.google.cloud.networksecurity.v1.CertificateProvider.newBuilder(clientCertificate_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          clientCertificate_ = value;
+        }
+        onChanged();
+      } else {
+        clientCertificateBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearClientCertificate() {
+      if (clientCertificateBuilder_ == null) {
+        clientCertificate_ = null;
+        onChanged();
+      } else {
+        clientCertificate_ = null;
+        clientCertificateBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProvider.Builder
+        getClientCertificateBuilder() {
+
+      onChanged();
+      return getClientCertificateFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder
+        getClientCertificateOrBuilder() {
+      if (clientCertificateBuilder_ != null) {
+        return clientCertificateBuilder_.getMessageOrBuilder();
+      } else {
+        return clientCertificate_ == null
+            ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+            : clientCertificate_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines a mechanism to provision client identity (public and private keys)
+     * for peer to peer authentication. The presence of this dictates mTLS.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProvider,
+            com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>
+        getClientCertificateFieldBuilder() {
+      if (clientCertificateBuilder_ == null) {
+        clientCertificateBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.CertificateProvider,
+                com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+                com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>(
+                getClientCertificate(), getParentForChildren(), isClean());
+        clientCertificate_ = null;
+      }
+      return clientCertificateBuilder_;
+    }
+
+    private java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> serverValidationCa_ =
+        java.util.Collections.emptyList();
+
+    private void ensureServerValidationCaIsMutable() {
+      if (!((bitField0_ & 0x00000002) != 0)) {
+        serverValidationCa_ =
+            new java.util.ArrayList<com.google.cloud.networksecurity.v1.ValidationCA>(
+                serverValidationCa_);
+        bitField0_ |= 0x00000002;
+      }
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ValidationCA,
+            com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+            com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+        serverValidationCaBuilder_;
+
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA>
+        getServerValidationCaList() {
+      if (serverValidationCaBuilder_ == null) {
+        return java.util.Collections.unmodifiableList(serverValidationCa_);
+      } else {
+        return serverValidationCaBuilder_.getMessageList();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public int getServerValidationCaCount() {
+      if (serverValidationCaBuilder_ == null) {
+        return serverValidationCa_.size();
+      } else {
+        return serverValidationCaBuilder_.getCount();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ValidationCA getServerValidationCa(int index) {
+      if (serverValidationCaBuilder_ == null) {
+        return serverValidationCa_.get(index);
+      } else {
+        return serverValidationCaBuilder_.getMessage(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setServerValidationCa(
+        int index, com.google.cloud.networksecurity.v1.ValidationCA value) {
+      if (serverValidationCaBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.set(index, value);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.setMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setServerValidationCa(
+        int index, com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+      if (serverValidationCaBuilder_ == null) {
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.set(index, builderForValue.build());
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.setMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addServerValidationCa(com.google.cloud.networksecurity.v1.ValidationCA value) {
+      if (serverValidationCaBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.add(value);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.addMessage(value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addServerValidationCa(
+        int index, com.google.cloud.networksecurity.v1.ValidationCA value) {
+      if (serverValidationCaBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.add(index, value);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.addMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addServerValidationCa(
+        com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+      if (serverValidationCaBuilder_ == null) {
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.add(builderForValue.build());
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.addMessage(builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addServerValidationCa(
+        int index, com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+      if (serverValidationCaBuilder_ == null) {
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.add(index, builderForValue.build());
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.addMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder addAllServerValidationCa(
+        java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.ValidationCA> values) {
+      if (serverValidationCaBuilder_ == null) {
+        ensureServerValidationCaIsMutable();
+        com.google.protobuf.AbstractMessageLite.Builder.addAll(values, serverValidationCa_);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.addAllMessages(values);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearServerValidationCa() {
+      if (serverValidationCaBuilder_ == null) {
+        serverValidationCa_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000002);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder removeServerValidationCa(int index) {
+      if (serverValidationCaBuilder_ == null) {
+        ensureServerValidationCaIsMutable();
+        serverValidationCa_.remove(index);
+        onChanged();
+      } else {
+        serverValidationCaBuilder_.remove(index);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ValidationCA.Builder getServerValidationCaBuilder(
+        int index) {
+      return getServerValidationCaFieldBuilder().getBuilder(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ValidationCAOrBuilder getServerValidationCaOrBuilder(
+        int index) {
+      if (serverValidationCaBuilder_ == null) {
+        return serverValidationCa_.get(index);
+      } else {
+        return serverValidationCaBuilder_.getMessageOrBuilder(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+        getServerValidationCaOrBuilderList() {
+      if (serverValidationCaBuilder_ != null) {
+        return serverValidationCaBuilder_.getMessageOrBuilderList();
+      } else {
+        return java.util.Collections.unmodifiableList(serverValidationCa_);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ValidationCA.Builder addServerValidationCaBuilder() {
+      return getServerValidationCaFieldBuilder()
+          .addBuilder(com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ValidationCA.Builder addServerValidationCaBuilder(
+        int index) {
+      return getServerValidationCaFieldBuilder()
+          .addBuilder(index, com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the server certificate. If empty, client does not validate the
+     * server certificate.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA.Builder>
+        getServerValidationCaBuilderList() {
+      return getServerValidationCaFieldBuilder().getBuilderList();
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ValidationCA,
+            com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+            com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+        getServerValidationCaFieldBuilder() {
+      if (serverValidationCaBuilder_ == null) {
+        serverValidationCaBuilder_ =
+            new com.google.protobuf.RepeatedFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ValidationCA,
+                com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+                com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>(
+                serverValidationCa_,
+                ((bitField0_ & 0x00000002) != 0),
+                getParentForChildren(),
+                isClean());
+        serverValidationCa_ = null;
+      }
+      return serverValidationCaBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ClientTlsPolicy)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ClientTlsPolicy)
+  private static final com.google.cloud.networksecurity.v1.ClientTlsPolicy DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ClientTlsPolicy();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ClientTlsPolicy getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ClientTlsPolicy> PARSER =
+      new com.google.protobuf.AbstractParser<ClientTlsPolicy>() {
+        @java.lang.Override
+        public ClientTlsPolicy parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ClientTlsPolicy(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ClientTlsPolicy> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ClientTlsPolicy> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicy getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyName.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyName.java
new file mode 100644
index 000000000000..1d32bc818a4c
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyName.java
@@ -0,0 +1,227 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+@Generated("by gapic-generator-java")
+public class ClientTlsPolicyName implements ResourceName {
+  private static final PathTemplate PROJECT_LOCATION_CLIENT_TLS_POLICY =
+      PathTemplate.createWithoutUrlEncoding(
+          "projects/{project}/locations/{location}/clientTlsPolicies/{client_tls_policy}");
+  private volatile Map<String, String> fieldValuesMap;
+  private final String project;
+  private final String location;
+  private final String clientTlsPolicy;
+
+  @Deprecated
+  protected ClientTlsPolicyName() {
+    project = null;
+    location = null;
+    clientTlsPolicy = null;
+  }
+
+  private ClientTlsPolicyName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    location = Preconditions.checkNotNull(builder.getLocation());
+    clientTlsPolicy = Preconditions.checkNotNull(builder.getClientTlsPolicy());
+  }
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getLocation() {
+    return location;
+  }
+
+  public String getClientTlsPolicy() {
+    return clientTlsPolicy;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  public static ClientTlsPolicyName of(String project, String location, String clientTlsPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setClientTlsPolicy(clientTlsPolicy)
+        .build();
+  }
+
+  public static String format(String project, String location, String clientTlsPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setClientTlsPolicy(clientTlsPolicy)
+        .build()
+        .toString();
+  }
+
+  public static ClientTlsPolicyName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PROJECT_LOCATION_CLIENT_TLS_POLICY.validatedMatch(
+            formattedString, "ClientTlsPolicyName.parse: formattedString not in valid format");
+    return of(matchMap.get("project"), matchMap.get("location"), matchMap.get("client_tls_policy"));
+  }
+
+  public static List<ClientTlsPolicyName> parseList(List<String> formattedStrings) {
+    List<ClientTlsPolicyName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<ClientTlsPolicyName> values) {
+    List<String> list = new ArrayList<>(values.size());
+    for (ClientTlsPolicyName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PROJECT_LOCATION_CLIENT_TLS_POLICY.matches(formattedString);
+  }
+
+  @Override
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          if (project != null) {
+            fieldMapBuilder.put("project", project);
+          }
+          if (location != null) {
+            fieldMapBuilder.put("location", location);
+          }
+          if (clientTlsPolicy != null) {
+            fieldMapBuilder.put("client_tls_policy", clientTlsPolicy);
+          }
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PROJECT_LOCATION_CLIENT_TLS_POLICY.instantiate(
+        "project", project, "location", location, "client_tls_policy", clientTlsPolicy);
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o != null || getClass() == o.getClass()) {
+      ClientTlsPolicyName that = ((ClientTlsPolicyName) o);
+      return Objects.equals(this.project, that.project)
+          && Objects.equals(this.location, that.location)
+          && Objects.equals(this.clientTlsPolicy, that.clientTlsPolicy);
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= Objects.hashCode(project);
+    h *= 1000003;
+    h ^= Objects.hashCode(location);
+    h *= 1000003;
+    h ^= Objects.hashCode(clientTlsPolicy);
+    return h;
+  }
+
+  /** Builder for projects/{project}/locations/{location}/clientTlsPolicies/{client_tls_policy}. */
+  public static class Builder {
+    private String project;
+    private String location;
+    private String clientTlsPolicy;
+
+    protected Builder() {}
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getLocation() {
+      return location;
+    }
+
+    public String getClientTlsPolicy() {
+      return clientTlsPolicy;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setLocation(String location) {
+      this.location = location;
+      return this;
+    }
+
+    public Builder setClientTlsPolicy(String clientTlsPolicy) {
+      this.clientTlsPolicy = clientTlsPolicy;
+      return this;
+    }
+
+    private Builder(ClientTlsPolicyName clientTlsPolicyName) {
+      this.project = clientTlsPolicyName.project;
+      this.location = clientTlsPolicyName.location;
+      this.clientTlsPolicy = clientTlsPolicyName.clientTlsPolicy;
+    }
+
+    public ClientTlsPolicyName build() {
+      return new ClientTlsPolicyName(this);
+    }
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyOrBuilder.java
new file mode 100644
index 000000000000..e1aeee813eda
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyOrBuilder.java
@@ -0,0 +1,356 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ClientTlsPolicyOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ClientTlsPolicy)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ClientTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/{client_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The description.
+   */
+  java.lang.String getDescription();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for description.
+   */
+  com.google.protobuf.ByteString getDescriptionBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  boolean hasCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  com.google.protobuf.Timestamp getCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  boolean hasUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  com.google.protobuf.Timestamp getUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  int getLabelsCount();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  boolean containsLabels(java.lang.String key);
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Deprecated
+  java.util.Map<java.lang.String, java.lang.String> getLabels();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  java.util.Map<java.lang.String, java.lang.String> getLabelsMap();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+
+  /* nullable */
+  java.lang.String getLabelsOrDefault(
+      java.lang.String key,
+      /* nullable */
+      java.lang.String defaultValue);
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
+   */
+  java.lang.String getLabelsOrThrow(java.lang.String key);
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Server Name Indication string to present to the server during TLS
+   * handshake. E.g: "secure.example.com".
+   * </pre>
+   *
+   * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The sni.
+   */
+  java.lang.String getSni();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Server Name Indication string to present to the server during TLS
+   * handshake. E.g: "secure.example.com".
+   * </pre>
+   *
+   * <code>string sni = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
+   *
+   * @return The bytes for sni.
+   */
+  com.google.protobuf.ByteString getSniBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the clientCertificate field is set.
+   */
+  boolean hasClientCertificate();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The clientCertificate.
+   */
+  com.google.cloud.networksecurity.v1.CertificateProvider getClientCertificate();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines a mechanism to provision client identity (public and private keys)
+   * for peer to peer authentication. The presence of this dictates mTLS.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProvider client_certificate = 7 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder getClientCertificateOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> getServerValidationCaList();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ValidationCA getServerValidationCa(int index);
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  int getServerValidationCaCount();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+      getServerValidationCaOrBuilderList();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+   * validate the server certificate. If empty, client does not validate the
+   * server certificate.
+   * </pre>
+   *
+   * <code>
+   * repeated .google.cloud.networksecurity.v1.ValidationCA server_validation_ca = 8 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ValidationCAOrBuilder getServerValidationCaOrBuilder(
+      int index);
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyProto.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyProto.java
new file mode 100644
index 000000000000..d9e96d38a833
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ClientTlsPolicyProto.java
@@ -0,0 +1,221 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class ClientTlsPolicyProto {
+  private ClientTlsPolicyProto() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n7google/cloud/networksecurity/v1/client"
+          + "_tls_policy.proto\022\037google.cloud.networks"
+          + "ecurity.v1\032\037google/api/field_behavior.pr"
+          + "oto\032\031google/api/resource.proto\032)google/c"
+          + "loud/networksecurity/v1/tls.proto\032 googl"
+          + "e/protobuf/field_mask.proto\032\037google/prot"
+          + "obuf/timestamp.proto\"\354\004\n\017ClientTlsPolicy"
+          + "\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013description\030\002 \001(\t"
+          + "B\003\340A\001\0224\n\013create_time\030\003 \001(\0132\032.google.prot"
+          + "obuf.TimestampB\003\340A\003\0224\n\013update_time\030\004 \001(\013"
+          + "2\032.google.protobuf.TimestampB\003\340A\003\022Q\n\006lab"
+          + "els\030\005 \003(\0132<.google.cloud.networksecurity"
+          + ".v1.ClientTlsPolicy.LabelsEntryB\003\340A\001\022\020\n\003"
+          + "sni\030\006 \001(\tB\003\340A\001\022U\n\022client_certificate\030\007 \001"
+          + "(\01324.google.cloud.networksecurity.v1.Cer"
+          + "tificateProviderB\003\340A\001\022P\n\024server_validati"
+          + "on_ca\030\010 \003(\0132-.google.cloud.networksecuri"
+          + "ty.v1.ValidationCAB\003\340A\001\032-\n\013LabelsEntry\022\013"
+          + "\n\003key\030\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001:\202\001\352A\177\n.ne"
+          + "tworksecurity.googleapis.com/ClientTlsPo"
+          + "licy\022Mprojects/{project}/locations/{loca"
+          + "tion}/clientTlsPolicies/{client_tls_poli"
+          + "cy}\"\200\001\n\034ListClientTlsPoliciesRequest\0229\n\006"
+          + "parent\030\001 \001(\tB)\340A\002\372A#\n!locations.googleap"
+          + "is.com/Location\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npa"
+          + "ge_token\030\003 \001(\t\"\207\001\n\035ListClientTlsPolicies"
+          + "Response\022M\n\023client_tls_policies\030\001 \003(\01320."
+          + "google.cloud.networksecurity.v1.ClientTl"
+          + "sPolicy\022\027\n\017next_page_token\030\002 \001(\t\"a\n\031GetC"
+          + "lientTlsPolicyRequest\022D\n\004name\030\001 \001(\tB6\340A\002"
+          + "\372A0\n.networksecurity.googleapis.com/Clie"
+          + "ntTlsPolicy\"\333\001\n\034CreateClientTlsPolicyReq"
+          + "uest\022F\n\006parent\030\001 \001(\tB6\340A\002\372A0\022.networksec"
+          + "urity.googleapis.com/ClientTlsPolicy\022!\n\024"
+          + "client_tls_policy_id\030\002 \001(\tB\003\340A\002\022P\n\021clien"
+          + "t_tls_policy\030\003 \001(\01320.google.cloud.networ"
+          + "ksecurity.v1.ClientTlsPolicyB\003\340A\002\"\246\001\n\034Up"
+          + "dateClientTlsPolicyRequest\0224\n\013update_mas"
+          + "k\030\001 \001(\0132\032.google.protobuf.FieldMaskB\003\340A\001"
+          + "\022P\n\021client_tls_policy\030\002 \001(\01320.google.clo"
+          + "ud.networksecurity.v1.ClientTlsPolicyB\003\340"
+          + "A\002\"d\n\034DeleteClientTlsPolicyRequest\022D\n\004na"
+          + "me\030\001 \001(\tB6\340A\002\372A0\n.networksecurity.google"
+          + "apis.com/ClientTlsPolicyB\366\001\n#com.google."
+          + "cloud.networksecurity.v1B\024ClientTlsPolic"
+          + "yProtoP\001ZNgoogle.golang.org/genproto/goo"
+          + "gleapis/cloud/networksecurity/v1;network"
+          + "security\252\002\037Google.Cloud.NetworkSecurity."
+          + "V1\312\002\037Google\\Cloud\\NetworkSecurity\\V1\352\002\"G"
+          + "oogle::Cloud::NetworkSecurity::V1b\006proto"
+          + "3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.FieldBehaviorProto.getDescriptor(),
+              com.google.api.ResourceProto.getDescriptor(),
+              com.google.cloud.networksecurity.v1.TlsProto.getDescriptor(),
+              com.google.protobuf.FieldMaskProto.getDescriptor(),
+              com.google.protobuf.TimestampProto.getDescriptor(),
+            });
+    internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor,
+            new java.lang.String[] {
+              "Name",
+              "Description",
+              "CreateTime",
+              "UpdateTime",
+              "Labels",
+              "Sni",
+              "ClientCertificate",
+              "ServerValidationCa",
+            });
+    internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_descriptor =
+        internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_descriptor
+            .getNestedTypes()
+            .get(0);
+    internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ClientTlsPolicy_LabelsEntry_descriptor,
+            new java.lang.String[] {
+              "Key", "Value",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor =
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "PageSize", "PageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor =
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor,
+            new java.lang.String[] {
+              "ClientTlsPolicies", "NextPageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(3);
+    internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(4);
+    internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "ClientTlsPolicyId", "ClientTlsPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(5);
+    internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "UpdateMask", "ClientTlsPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(6);
+    internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.FieldBehaviorProto.fieldBehavior);
+    registry.add(com.google.api.ResourceProto.resource);
+    registry.add(com.google.api.ResourceProto.resourceReference);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.FieldBehaviorProto.getDescriptor();
+    com.google.api.ResourceProto.getDescriptor();
+    com.google.cloud.networksecurity.v1.TlsProto.getDescriptor();
+    com.google.protobuf.FieldMaskProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CommonProto.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CommonProto.java
new file mode 100644
index 000000000000..e1e36d32c86a
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CommonProto.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/common.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class CommonProto {
+  private CommonProto() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_OperationMetadata_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n,google/cloud/networksecurity/v1/common"
+          + ".proto\022\037google.cloud.networksecurity.v1\032"
+          + "\037google/api/field_behavior.proto\032\037google"
+          + "/protobuf/timestamp.proto\"\200\002\n\021OperationM"
+          + "etadata\0224\n\013create_time\030\001 \001(\0132\032.google.pr"
+          + "otobuf.TimestampB\003\340A\003\0221\n\010end_time\030\002 \001(\0132"
+          + "\032.google.protobuf.TimestampB\003\340A\003\022\023\n\006targ"
+          + "et\030\003 \001(\tB\003\340A\003\022\021\n\004verb\030\004 \001(\tB\003\340A\003\022\033\n\016stat"
+          + "us_message\030\005 \001(\tB\003\340A\003\022#\n\026requested_cance"
+          + "llation\030\006 \001(\010B\003\340A\003\022\030\n\013api_version\030\007 \001(\tB"
+          + "\003\340A\003B\355\001\n#com.google.cloud.networksecurit"
+          + "y.v1B\013CommonProtoP\001ZNgoogle.golang.org/g"
+          + "enproto/googleapis/cloud/networksecurity"
+          + "/v1;networksecurity\252\002\037Google.Cloud.Netwo"
+          + "rkSecurity.V1\312\002\037Google\\Cloud\\NetworkSecu"
+          + "rity\\V1\352\002\"Google::Cloud::NetworkSecurity"
+          + "::V1b\006proto3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.FieldBehaviorProto.getDescriptor(),
+              com.google.protobuf.TimestampProto.getDescriptor(),
+            });
+    internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_cloud_networksecurity_v1_OperationMetadata_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor,
+            new java.lang.String[] {
+              "CreateTime",
+              "EndTime",
+              "Target",
+              "Verb",
+              "StatusMessage",
+              "RequestedCancellation",
+              "ApiVersion",
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.FieldBehaviorProto.fieldBehavior);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.FieldBehaviorProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequest.java
new file mode 100644
index 000000000000..f611460e574a
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequest.java
@@ -0,0 +1,1181 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the CreateAuthorizationPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest}
+ */
+public final class CreateAuthorizationPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+    CreateAuthorizationPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use CreateAuthorizationPolicyRequest.newBuilder() to construct.
+  private CreateAuthorizationPolicyRequest(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private CreateAuthorizationPolicyRequest() {
+    parent_ = "";
+    authorizationPolicyId_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new CreateAuthorizationPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private CreateAuthorizationPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              authorizationPolicyId_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder subBuilder = null;
+              if (authorizationPolicy_ != null) {
+                subBuilder = authorizationPolicy_.toBuilder();
+              }
+              authorizationPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(authorizationPolicy_);
+                authorizationPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the AuthorizationPolicy. Must be in the
+   * format `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the AuthorizationPolicy. Must be in the
+   * format `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int AUTHORIZATION_POLICY_ID_FIELD_NUMBER = 2;
+  private volatile java.lang.Object authorizationPolicyId_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the AuthorizationPolicy resource to be created.
+   * This value should be 1-63 characters long, containing only
+   * letters, numbers, hyphens, and underscores, and should not start
+   * with a number. E.g. "authz_policy".
+   * </pre>
+   *
+   * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The authorizationPolicyId.
+   */
+  @java.lang.Override
+  public java.lang.String getAuthorizationPolicyId() {
+    java.lang.Object ref = authorizationPolicyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      authorizationPolicyId_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the AuthorizationPolicy resource to be created.
+   * This value should be 1-63 characters long, containing only
+   * letters, numbers, hyphens, and underscores, and should not start
+   * with a number. E.g. "authz_policy".
+   * </pre>
+   *
+   * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for authorizationPolicyId.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getAuthorizationPolicyIdBytes() {
+    java.lang.Object ref = authorizationPolicyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      authorizationPolicyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int AUTHORIZATION_POLICY_FIELD_NUMBER = 3;
+  private com.google.cloud.networksecurity.v1.AuthorizationPolicy authorizationPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the authorizationPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasAuthorizationPolicy() {
+    return authorizationPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The authorizationPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy() {
+    return authorizationPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+        : authorizationPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPolicyOrBuilder() {
+    return getAuthorizationPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(authorizationPolicyId_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, authorizationPolicyId_);
+    }
+    if (authorizationPolicy_ != null) {
+      output.writeMessage(3, getAuthorizationPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(authorizationPolicyId_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, authorizationPolicyId_);
+    }
+    if (authorizationPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getAuthorizationPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (!getAuthorizationPolicyId().equals(other.getAuthorizationPolicyId())) return false;
+    if (hasAuthorizationPolicy() != other.hasAuthorizationPolicy()) return false;
+    if (hasAuthorizationPolicy()) {
+      if (!getAuthorizationPolicy().equals(other.getAuthorizationPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + AUTHORIZATION_POLICY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getAuthorizationPolicyId().hashCode();
+    if (hasAuthorizationPolicy()) {
+      hash = (37 * hash) + AUTHORIZATION_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getAuthorizationPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the CreateAuthorizationPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      authorizationPolicyId_ = "";
+
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = null;
+      } else {
+        authorizationPolicy_ = null;
+        authorizationPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+          .getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest(this);
+      result.parent_ = parent_;
+      result.authorizationPolicyId_ = authorizationPolicyId_;
+      if (authorizationPolicyBuilder_ == null) {
+        result.authorizationPolicy_ = authorizationPolicy_;
+      } else {
+        result.authorizationPolicy_ = authorizationPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest) {
+        return mergeFrom(
+            (com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+              .getDefaultInstance()) return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (!other.getAuthorizationPolicyId().isEmpty()) {
+        authorizationPolicyId_ = other.authorizationPolicyId_;
+        onChanged();
+      }
+      if (other.hasAuthorizationPolicy()) {
+        mergeAuthorizationPolicy(other.getAuthorizationPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the AuthorizationPolicy. Must be in the
+     * format `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the AuthorizationPolicy. Must be in the
+     * format `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the AuthorizationPolicy. Must be in the
+     * format `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the AuthorizationPolicy. Must be in the
+     * format `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the AuthorizationPolicy. Must be in the
+     * format `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object authorizationPolicyId_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the AuthorizationPolicy resource to be created.
+     * This value should be 1-63 characters long, containing only
+     * letters, numbers, hyphens, and underscores, and should not start
+     * with a number. E.g. "authz_policy".
+     * </pre>
+     *
+     * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The authorizationPolicyId.
+     */
+    public java.lang.String getAuthorizationPolicyId() {
+      java.lang.Object ref = authorizationPolicyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        authorizationPolicyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the AuthorizationPolicy resource to be created.
+     * This value should be 1-63 characters long, containing only
+     * letters, numbers, hyphens, and underscores, and should not start
+     * with a number. E.g. "authz_policy".
+     * </pre>
+     *
+     * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for authorizationPolicyId.
+     */
+    public com.google.protobuf.ByteString getAuthorizationPolicyIdBytes() {
+      java.lang.Object ref = authorizationPolicyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        authorizationPolicyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the AuthorizationPolicy resource to be created.
+     * This value should be 1-63 characters long, containing only
+     * letters, numbers, hyphens, and underscores, and should not start
+     * with a number. E.g. "authz_policy".
+     * </pre>
+     *
+     * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The authorizationPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setAuthorizationPolicyId(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      authorizationPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the AuthorizationPolicy resource to be created.
+     * This value should be 1-63 characters long, containing only
+     * letters, numbers, hyphens, and underscores, and should not start
+     * with a number. E.g. "authz_policy".
+     * </pre>
+     *
+     * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearAuthorizationPolicyId() {
+
+      authorizationPolicyId_ = getDefaultInstance().getAuthorizationPolicyId();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the AuthorizationPolicy resource to be created.
+     * This value should be 1-63 characters long, containing only
+     * letters, numbers, hyphens, and underscores, and should not start
+     * with a number. E.g. "authz_policy".
+     * </pre>
+     *
+     * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for authorizationPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setAuthorizationPolicyIdBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      authorizationPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.cloud.networksecurity.v1.AuthorizationPolicy authorizationPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        authorizationPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the authorizationPolicy field is set.
+     */
+    public boolean hasAuthorizationPolicy() {
+      return authorizationPolicyBuilder_ != null || authorizationPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The authorizationPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy() {
+      if (authorizationPolicyBuilder_ == null) {
+        return authorizationPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+            : authorizationPolicy_;
+      } else {
+        return authorizationPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        authorizationPolicy_ = value;
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder builderForValue) {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPolicyBuilder_ == null) {
+        if (authorizationPolicy_ != null) {
+          authorizationPolicy_ =
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.newBuilder(
+                      authorizationPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          authorizationPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearAuthorizationPolicy() {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = null;
+        onChanged();
+      } else {
+        authorizationPolicy_ = null;
+        authorizationPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder
+        getAuthorizationPolicyBuilder() {
+
+      onChanged();
+      return getAuthorizationPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+        getAuthorizationPolicyOrBuilder() {
+      if (authorizationPolicyBuilder_ != null) {
+        return authorizationPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return authorizationPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+            : authorizationPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. AuthorizationPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        getAuthorizationPolicyFieldBuilder() {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>(
+                getAuthorizationPolicy(), getParentForChildren(), isClean());
+        authorizationPolicy_ = null;
+      }
+      return authorizationPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<CreateAuthorizationPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<CreateAuthorizationPolicyRequest>() {
+        @java.lang.Override
+        public CreateAuthorizationPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new CreateAuthorizationPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<CreateAuthorizationPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<CreateAuthorizationPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..f1b33cd90fc3
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateAuthorizationPolicyRequestOrBuilder.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface CreateAuthorizationPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.CreateAuthorizationPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the AuthorizationPolicy. Must be in the
+   * format `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the AuthorizationPolicy. Must be in the
+   * format `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the AuthorizationPolicy resource to be created.
+   * This value should be 1-63 characters long, containing only
+   * letters, numbers, hyphens, and underscores, and should not start
+   * with a number. E.g. "authz_policy".
+   * </pre>
+   *
+   * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The authorizationPolicyId.
+   */
+  java.lang.String getAuthorizationPolicyId();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the AuthorizationPolicy resource to be created.
+   * This value should be 1-63 characters long, containing only
+   * letters, numbers, hyphens, and underscores, and should not start
+   * with a number. E.g. "authz_policy".
+   * </pre>
+   *
+   * <code>string authorization_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for authorizationPolicyId.
+   */
+  com.google.protobuf.ByteString getAuthorizationPolicyIdBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the authorizationPolicy field is set.
+   */
+  boolean hasAuthorizationPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The authorizationPolicy.
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. AuthorizationPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequest.java
new file mode 100644
index 000000000000..5f353edd690d
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequest.java
@@ -0,0 +1,1165 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the CreateClientTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest}
+ */
+public final class CreateClientTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+    CreateClientTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use CreateClientTlsPolicyRequest.newBuilder() to construct.
+  private CreateClientTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private CreateClientTlsPolicyRequest() {
+    parent_ = "";
+    clientTlsPolicyId_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new CreateClientTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private CreateClientTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              clientTlsPolicyId_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder subBuilder = null;
+              if (clientTlsPolicy_ != null) {
+                subBuilder = clientTlsPolicy_.toBuilder();
+              }
+              clientTlsPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ClientTlsPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(clientTlsPolicy_);
+                clientTlsPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ClientTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ClientTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CLIENT_TLS_POLICY_ID_FIELD_NUMBER = 2;
+  private volatile java.lang.Object clientTlsPolicyId_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * </pre>
+   *
+   * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The clientTlsPolicyId.
+   */
+  @java.lang.Override
+  public java.lang.String getClientTlsPolicyId() {
+    java.lang.Object ref = clientTlsPolicyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      clientTlsPolicyId_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * </pre>
+   *
+   * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for clientTlsPolicyId.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getClientTlsPolicyIdBytes() {
+    java.lang.Object ref = clientTlsPolicyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      clientTlsPolicyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CLIENT_TLS_POLICY_FIELD_NUMBER = 3;
+  private com.google.cloud.networksecurity.v1.ClientTlsPolicy clientTlsPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the clientTlsPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasClientTlsPolicy() {
+    return clientTlsPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The clientTlsPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy() {
+    return clientTlsPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+        : clientTlsPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder
+      getClientTlsPolicyOrBuilder() {
+    return getClientTlsPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(clientTlsPolicyId_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, clientTlsPolicyId_);
+    }
+    if (clientTlsPolicy_ != null) {
+      output.writeMessage(3, getClientTlsPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(clientTlsPolicyId_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, clientTlsPolicyId_);
+    }
+    if (clientTlsPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getClientTlsPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (!getClientTlsPolicyId().equals(other.getClientTlsPolicyId())) return false;
+    if (hasClientTlsPolicy() != other.hasClientTlsPolicy()) return false;
+    if (hasClientTlsPolicy()) {
+      if (!getClientTlsPolicy().equals(other.getClientTlsPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + CLIENT_TLS_POLICY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getClientTlsPolicyId().hashCode();
+    if (hasClientTlsPolicy()) {
+      hash = (37 * hash) + CLIENT_TLS_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getClientTlsPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the CreateClientTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      clientTlsPolicyId_ = "";
+
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = null;
+      } else {
+        clientTlsPolicy_ = null;
+        clientTlsPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest(this);
+      result.parent_ = parent_;
+      result.clientTlsPolicyId_ = clientTlsPolicyId_;
+      if (clientTlsPolicyBuilder_ == null) {
+        result.clientTlsPolicy_ = clientTlsPolicy_;
+      } else {
+        result.clientTlsPolicy_ = clientTlsPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (!other.getClientTlsPolicyId().isEmpty()) {
+        clientTlsPolicyId_ = other.clientTlsPolicyId_;
+        onChanged();
+      }
+      if (other.hasClientTlsPolicy()) {
+        mergeClientTlsPolicy(other.getClientTlsPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ClientTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ClientTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ClientTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ClientTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ClientTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object clientTlsPolicyId_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * </pre>
+     *
+     * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The clientTlsPolicyId.
+     */
+    public java.lang.String getClientTlsPolicyId() {
+      java.lang.Object ref = clientTlsPolicyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        clientTlsPolicyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * </pre>
+     *
+     * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for clientTlsPolicyId.
+     */
+    public com.google.protobuf.ByteString getClientTlsPolicyIdBytes() {
+      java.lang.Object ref = clientTlsPolicyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        clientTlsPolicyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * </pre>
+     *
+     * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The clientTlsPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setClientTlsPolicyId(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      clientTlsPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * </pre>
+     *
+     * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearClientTlsPolicyId() {
+
+      clientTlsPolicyId_ = getDefaultInstance().getClientTlsPolicyId();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * </pre>
+     *
+     * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for clientTlsPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setClientTlsPolicyIdBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      clientTlsPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.cloud.networksecurity.v1.ClientTlsPolicy clientTlsPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        clientTlsPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the clientTlsPolicy field is set.
+     */
+    public boolean hasClientTlsPolicy() {
+      return clientTlsPolicyBuilder_ != null || clientTlsPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The clientTlsPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy() {
+      if (clientTlsPolicyBuilder_ == null) {
+        return clientTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+            : clientTlsPolicy_;
+      } else {
+        return clientTlsPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setClientTlsPolicy(com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        clientTlsPolicy_ = value;
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder builderForValue) {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeClientTlsPolicy(com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPolicyBuilder_ == null) {
+        if (clientTlsPolicy_ != null) {
+          clientTlsPolicy_ =
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.newBuilder(clientTlsPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          clientTlsPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearClientTlsPolicy() {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = null;
+        onChanged();
+      } else {
+        clientTlsPolicy_ = null;
+        clientTlsPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder getClientTlsPolicyBuilder() {
+
+      onChanged();
+      return getClientTlsPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder
+        getClientTlsPolicyOrBuilder() {
+      if (clientTlsPolicyBuilder_ != null) {
+        return clientTlsPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return clientTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+            : clientTlsPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ClientTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        getClientTlsPolicyFieldBuilder() {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>(
+                getClientTlsPolicy(), getParentForChildren(), isClean());
+        clientTlsPolicy_ = null;
+      }
+      return clientTlsPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<CreateClientTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<CreateClientTlsPolicyRequest>() {
+        @java.lang.Override
+        public CreateClientTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new CreateClientTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<CreateClientTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<CreateClientTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..00ae92f0b784
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateClientTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,126 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface CreateClientTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.CreateClientTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ClientTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ClientTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * </pre>
+   *
+   * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The clientTlsPolicyId.
+   */
+  java.lang.String getClientTlsPolicyId();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * </pre>
+   *
+   * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for clientTlsPolicyId.
+   */
+  com.google.protobuf.ByteString getClientTlsPolicyIdBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the clientTlsPolicy field is set.
+   */
+  boolean hasClientTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The clientTlsPolicy.
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. ClientTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder getClientTlsPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequest.java
new file mode 100644
index 000000000000..c95be1a2322e
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequest.java
@@ -0,0 +1,1165 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the CreateServerTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest}
+ */
+public final class CreateServerTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+    CreateServerTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use CreateServerTlsPolicyRequest.newBuilder() to construct.
+  private CreateServerTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private CreateServerTlsPolicyRequest() {
+    parent_ = "";
+    serverTlsPolicyId_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new CreateServerTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private CreateServerTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              serverTlsPolicyId_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder subBuilder = null;
+              if (serverTlsPolicy_ != null) {
+                subBuilder = serverTlsPolicy_.toBuilder();
+              }
+              serverTlsPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ServerTlsPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(serverTlsPolicy_);
+                serverTlsPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ServerTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ServerTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SERVER_TLS_POLICY_ID_FIELD_NUMBER = 2;
+  private volatile java.lang.Object serverTlsPolicyId_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * </pre>
+   *
+   * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The serverTlsPolicyId.
+   */
+  @java.lang.Override
+  public java.lang.String getServerTlsPolicyId() {
+    java.lang.Object ref = serverTlsPolicyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      serverTlsPolicyId_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * </pre>
+   *
+   * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for serverTlsPolicyId.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getServerTlsPolicyIdBytes() {
+    java.lang.Object ref = serverTlsPolicyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      serverTlsPolicyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SERVER_TLS_POLICY_FIELD_NUMBER = 3;
+  private com.google.cloud.networksecurity.v1.ServerTlsPolicy serverTlsPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the serverTlsPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasServerTlsPolicy() {
+    return serverTlsPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The serverTlsPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy() {
+    return serverTlsPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+        : serverTlsPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder
+      getServerTlsPolicyOrBuilder() {
+    return getServerTlsPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(serverTlsPolicyId_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, serverTlsPolicyId_);
+    }
+    if (serverTlsPolicy_ != null) {
+      output.writeMessage(3, getServerTlsPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(serverTlsPolicyId_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, serverTlsPolicyId_);
+    }
+    if (serverTlsPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getServerTlsPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (!getServerTlsPolicyId().equals(other.getServerTlsPolicyId())) return false;
+    if (hasServerTlsPolicy() != other.hasServerTlsPolicy()) return false;
+    if (hasServerTlsPolicy()) {
+      if (!getServerTlsPolicy().equals(other.getServerTlsPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + SERVER_TLS_POLICY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getServerTlsPolicyId().hashCode();
+    if (hasServerTlsPolicy()) {
+      hash = (37 * hash) + SERVER_TLS_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getServerTlsPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the CreateServerTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      serverTlsPolicyId_ = "";
+
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = null;
+      } else {
+        serverTlsPolicy_ = null;
+        serverTlsPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest(this);
+      result.parent_ = parent_;
+      result.serverTlsPolicyId_ = serverTlsPolicyId_;
+      if (serverTlsPolicyBuilder_ == null) {
+        result.serverTlsPolicy_ = serverTlsPolicy_;
+      } else {
+        result.serverTlsPolicy_ = serverTlsPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (!other.getServerTlsPolicyId().isEmpty()) {
+        serverTlsPolicyId_ = other.serverTlsPolicyId_;
+        onChanged();
+      }
+      if (other.hasServerTlsPolicy()) {
+        mergeServerTlsPolicy(other.getServerTlsPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ServerTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ServerTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ServerTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ServerTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The parent resource of the ServerTlsPolicy. Must be in
+     * the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object serverTlsPolicyId_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * </pre>
+     *
+     * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The serverTlsPolicyId.
+     */
+    public java.lang.String getServerTlsPolicyId() {
+      java.lang.Object ref = serverTlsPolicyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        serverTlsPolicyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * </pre>
+     *
+     * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for serverTlsPolicyId.
+     */
+    public com.google.protobuf.ByteString getServerTlsPolicyIdBytes() {
+      java.lang.Object ref = serverTlsPolicyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        serverTlsPolicyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * </pre>
+     *
+     * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The serverTlsPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setServerTlsPolicyId(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      serverTlsPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * </pre>
+     *
+     * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearServerTlsPolicyId() {
+
+      serverTlsPolicyId_ = getDefaultInstance().getServerTlsPolicyId();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+     * be 1-63 characters long, containing only letters, numbers, hyphens, and
+     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * </pre>
+     *
+     * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for serverTlsPolicyId to set.
+     * @return This builder for chaining.
+     */
+    public Builder setServerTlsPolicyIdBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      serverTlsPolicyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.cloud.networksecurity.v1.ServerTlsPolicy serverTlsPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        serverTlsPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the serverTlsPolicy field is set.
+     */
+    public boolean hasServerTlsPolicy() {
+      return serverTlsPolicyBuilder_ != null || serverTlsPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The serverTlsPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy() {
+      if (serverTlsPolicyBuilder_ == null) {
+        return serverTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+            : serverTlsPolicy_;
+      } else {
+        return serverTlsPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setServerTlsPolicy(com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        serverTlsPolicy_ = value;
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder builderForValue) {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeServerTlsPolicy(com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPolicyBuilder_ == null) {
+        if (serverTlsPolicy_ != null) {
+          serverTlsPolicy_ =
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.newBuilder(serverTlsPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          serverTlsPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearServerTlsPolicy() {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = null;
+        onChanged();
+      } else {
+        serverTlsPolicy_ = null;
+        serverTlsPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder getServerTlsPolicyBuilder() {
+
+      onChanged();
+      return getServerTlsPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder
+        getServerTlsPolicyOrBuilder() {
+      if (serverTlsPolicyBuilder_ != null) {
+        return serverTlsPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return serverTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+            : serverTlsPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. ServerTlsPolicy resource to be created.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        getServerTlsPolicyFieldBuilder() {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>(
+                getServerTlsPolicy(), getParentForChildren(), isClean());
+        serverTlsPolicy_ = null;
+      }
+      return serverTlsPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<CreateServerTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<CreateServerTlsPolicyRequest>() {
+        @java.lang.Override
+        public CreateServerTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new CreateServerTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<CreateServerTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<CreateServerTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..c052b6e4ba63
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/CreateServerTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,126 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface CreateServerTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.CreateServerTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ServerTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The parent resource of the ServerTlsPolicy. Must be in
+   * the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * </pre>
+   *
+   * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The serverTlsPolicyId.
+   */
+  java.lang.String getServerTlsPolicyId();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
+   * be 1-63 characters long, containing only letters, numbers, hyphens, and
+   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * </pre>
+   *
+   * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for serverTlsPolicyId.
+   */
+  com.google.protobuf.ByteString getServerTlsPolicyIdBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the serverTlsPolicy field is set.
+   */
+  boolean hasServerTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The serverTlsPolicy.
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. ServerTlsPolicy resource to be created.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 3 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder getServerTlsPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequest.java
new file mode 100644
index 000000000000..61c8eedc34f0
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequest.java
@@ -0,0 +1,672 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the DeleteAuthorizationPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest}
+ */
+public final class DeleteAuthorizationPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+    DeleteAuthorizationPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use DeleteAuthorizationPolicyRequest.newBuilder() to construct.
+  private DeleteAuthorizationPolicyRequest(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private DeleteAuthorizationPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new DeleteAuthorizationPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private DeleteAuthorizationPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the DeleteAuthorizationPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+          .getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest) {
+        return mergeFrom(
+            (com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+              .getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<DeleteAuthorizationPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<DeleteAuthorizationPolicyRequest>() {
+        @java.lang.Override
+        public DeleteAuthorizationPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new DeleteAuthorizationPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<DeleteAuthorizationPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<DeleteAuthorizationPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..a062a3613123
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteAuthorizationPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface DeleteAuthorizationPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.DeleteAuthorizationPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequest.java
new file mode 100644
index 000000000000..890ab458dacd
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequest.java
@@ -0,0 +1,667 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the DeleteClientTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest}
+ */
+public final class DeleteClientTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+    DeleteClientTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use DeleteClientTlsPolicyRequest.newBuilder() to construct.
+  private DeleteClientTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private DeleteClientTlsPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new DeleteClientTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private DeleteClientTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the DeleteClientTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<DeleteClientTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<DeleteClientTlsPolicyRequest>() {
+        @java.lang.Override
+        public DeleteClientTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new DeleteClientTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<DeleteClientTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<DeleteClientTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..a06bb173b997
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteClientTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface DeleteClientTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.DeleteClientTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequest.java
new file mode 100644
index 000000000000..04a27ec1cedb
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequest.java
@@ -0,0 +1,667 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the DeleteServerTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest}
+ */
+public final class DeleteServerTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+    DeleteServerTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use DeleteServerTlsPolicyRequest.newBuilder() to construct.
+  private DeleteServerTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private DeleteServerTlsPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new DeleteServerTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private DeleteServerTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the DeleteServerTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to delete. Must be in
+     * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<DeleteServerTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<DeleteServerTlsPolicyRequest>() {
+        @java.lang.Override
+        public DeleteServerTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new DeleteServerTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<DeleteServerTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<DeleteServerTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..c88a25575b63
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/DeleteServerTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface DeleteServerTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.DeleteServerTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to delete. Must be in
+   * the format `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequest.java
new file mode 100644
index 000000000000..3cd2d4c5bc53
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequest.java
@@ -0,0 +1,669 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the GetAuthorizationPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest}
+ */
+public final class GetAuthorizationPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+    GetAuthorizationPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use GetAuthorizationPolicyRequest.newBuilder() to construct.
+  private GetAuthorizationPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private GetAuthorizationPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new GetAuthorizationPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private GetAuthorizationPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to get. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to get. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the GetAuthorizationPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to get. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to get. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to get. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to get. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the AuthorizationPolicy to get. Must be in the format
+     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GetAuthorizationPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<GetAuthorizationPolicyRequest>() {
+        @java.lang.Override
+        public GetAuthorizationPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GetAuthorizationPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<GetAuthorizationPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GetAuthorizationPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..44b182dbb575
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetAuthorizationPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface GetAuthorizationPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.GetAuthorizationPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to get. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the AuthorizationPolicy to get. Must be in the format
+   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequest.java
new file mode 100644
index 000000000000..2687c1abdee1
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequest.java
@@ -0,0 +1,664 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the GetClientTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.GetClientTlsPolicyRequest}
+ */
+public final class GetClientTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+    GetClientTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use GetClientTlsPolicyRequest.newBuilder() to construct.
+  private GetClientTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private GetClientTlsPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new GetClientTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private GetClientTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the GetClientTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.GetClientTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ClientTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GetClientTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<GetClientTlsPolicyRequest>() {
+        @java.lang.Override
+        public GetClientTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GetClientTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<GetClientTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GetClientTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GetClientTlsPolicyRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..bfdec6960481
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetClientTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface GetClientTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.GetClientTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ClientTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/clientTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequest.java
new file mode 100644
index 000000000000..572501dc04a8
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequest.java
@@ -0,0 +1,664 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the GetServerTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.GetServerTlsPolicyRequest}
+ */
+public final class GetServerTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+    GetServerTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use GetServerTlsPolicyRequest.newBuilder() to construct.
+  private GetServerTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private GetServerTlsPolicyRequest() {
+    name_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new GetServerTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private GetServerTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the GetServerTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.GetServerTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest(this);
+      result.name_ = name_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. A name of the ServerTlsPolicy to get. Must be in the format
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+     * </pre>
+     *
+     * <code>
+     * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GetServerTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<GetServerTlsPolicyRequest>() {
+        @java.lang.Override
+        public GetServerTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GetServerTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<GetServerTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GetServerTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GetServerTlsPolicyRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..26a41eba1f2e
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GetServerTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface GetServerTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.GetServerTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. A name of the ServerTlsPolicy to get. Must be in the format
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/&#42;`.
+   * </pre>
+   *
+   * <code>
+   * string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpoint.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpoint.java
new file mode 100644
index 000000000000..6b60c6ca0be2
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpoint.java
@@ -0,0 +1,644 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Specification of the GRPC Endpoint.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.GrpcEndpoint}
+ */
+public final class GrpcEndpoint extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.GrpcEndpoint)
+    GrpcEndpointOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use GrpcEndpoint.newBuilder() to construct.
+  private GrpcEndpoint(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private GrpcEndpoint() {
+    targetUri_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new GrpcEndpoint();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private GrpcEndpoint(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              targetUri_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.class,
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder.class);
+  }
+
+  public static final int TARGET_URI_FIELD_NUMBER = 1;
+  private volatile java.lang.Object targetUri_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+   * should start with "unix:".
+   * </pre>
+   *
+   * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The targetUri.
+   */
+  @java.lang.Override
+  public java.lang.String getTargetUri() {
+    java.lang.Object ref = targetUri_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      targetUri_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+   * should start with "unix:".
+   * </pre>
+   *
+   * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for targetUri.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getTargetUriBytes() {
+    java.lang.Object ref = targetUri_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      targetUri_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(targetUri_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, targetUri_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(targetUri_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, targetUri_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.GrpcEndpoint)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.GrpcEndpoint other =
+        (com.google.cloud.networksecurity.v1.GrpcEndpoint) obj;
+
+    if (!getTargetUri().equals(other.getTargetUri())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + TARGET_URI_FIELD_NUMBER;
+    hash = (53 * hash) + getTargetUri().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(com.google.cloud.networksecurity.v1.GrpcEndpoint prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of the GRPC Endpoint.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.GrpcEndpoint}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.GrpcEndpoint)
+      com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.class,
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.GrpcEndpoint.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      targetUri_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint build() {
+      com.google.cloud.networksecurity.v1.GrpcEndpoint result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint buildPartial() {
+      com.google.cloud.networksecurity.v1.GrpcEndpoint result =
+          new com.google.cloud.networksecurity.v1.GrpcEndpoint(this);
+      result.targetUri_ = targetUri_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.GrpcEndpoint) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.GrpcEndpoint) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.GrpcEndpoint other) {
+      if (other == com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance())
+        return this;
+      if (!other.getTargetUri().isEmpty()) {
+        targetUri_ = other.targetUri_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.GrpcEndpoint parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.networksecurity.v1.GrpcEndpoint) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object targetUri_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+     * should start with "unix:".
+     * </pre>
+     *
+     * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The targetUri.
+     */
+    public java.lang.String getTargetUri() {
+      java.lang.Object ref = targetUri_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        targetUri_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+     * should start with "unix:".
+     * </pre>
+     *
+     * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for targetUri.
+     */
+    public com.google.protobuf.ByteString getTargetUriBytes() {
+      java.lang.Object ref = targetUri_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        targetUri_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+     * should start with "unix:".
+     * </pre>
+     *
+     * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The targetUri to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTargetUri(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      targetUri_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+     * should start with "unix:".
+     * </pre>
+     *
+     * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearTargetUri() {
+
+      targetUri_ = getDefaultInstance().getTargetUri();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+     * should start with "unix:".
+     * </pre>
+     *
+     * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for targetUri to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTargetUriBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      targetUri_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.GrpcEndpoint)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.GrpcEndpoint)
+  private static final com.google.cloud.networksecurity.v1.GrpcEndpoint DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.GrpcEndpoint();
+  }
+
+  public static com.google.cloud.networksecurity.v1.GrpcEndpoint getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GrpcEndpoint> PARSER =
+      new com.google.protobuf.AbstractParser<GrpcEndpoint>() {
+        @java.lang.Override
+        public GrpcEndpoint parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GrpcEndpoint(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<GrpcEndpoint> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GrpcEndpoint> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GrpcEndpoint getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpointOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpointOrBuilder.java
new file mode 100644
index 000000000000..e8bf20fea659
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/GrpcEndpointOrBuilder.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface GrpcEndpointOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.GrpcEndpoint)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+   * should start with "unix:".
+   * </pre>
+   *
+   * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The targetUri.
+   */
+  java.lang.String getTargetUri();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+   * should start with "unix:".
+   * </pre>
+   *
+   * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for targetUri.
+   */
+  com.google.protobuf.ByteString getTargetUriBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequest.java
new file mode 100644
index 000000000000..e291fa07bd1e
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequest.java
@@ -0,0 +1,969 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used with the ListAuthorizationPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest}
+ */
+public final class ListAuthorizationPoliciesRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+    ListAuthorizationPoliciesRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListAuthorizationPoliciesRequest.newBuilder() to construct.
+  private ListAuthorizationPoliciesRequest(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListAuthorizationPoliciesRequest() {
+    parent_ = "";
+    pageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListAuthorizationPoliciesRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListAuthorizationPoliciesRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 16:
+            {
+              pageSize_ = input.readInt32();
+              break;
+            }
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              pageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.class,
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the AuthorizationPolicies
+   * should be listed, specified in the format
+   * `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the AuthorizationPolicies
+   * should be listed, specified in the format
+   * `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int PAGE_SIZE_FIELD_NUMBER = 2;
+  private int pageSize_;
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of AuthorizationPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  @java.lang.Override
+  public int getPageSize() {
+    return pageSize_;
+  }
+
+  public static final int PAGE_TOKEN_FIELD_NUMBER = 3;
+  private volatile java.lang.Object pageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last
+   * `ListAuthorizationPoliciesResponse` Indicates that this is a
+   * continuation of a prior `ListAuthorizationPolicies` call, and
+   * that the system should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getPageToken() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      pageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last
+   * `ListAuthorizationPoliciesResponse` Indicates that this is a
+   * continuation of a prior `ListAuthorizationPolicies` call, and
+   * that the system should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getPageTokenBytes() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      pageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (pageSize_ != 0) {
+      output.writeInt32(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, pageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (pageSize_ != 0) {
+      size += com.google.protobuf.CodedOutputStream.computeInt32Size(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, pageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest other =
+        (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (getPageSize() != other.getPageSize()) return false;
+    if (!getPageToken().equals(other.getPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + PAGE_SIZE_FIELD_NUMBER;
+    hash = (53 * hash) + getPageSize();
+    hash = (37 * hash) + PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used with the ListAuthorizationPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.class,
+              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      pageSize_ = 0;
+
+      pageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+          .getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest build() {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest result =
+          new com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest(this);
+      result.parent_ = parent_;
+      result.pageSize_ = pageSize_;
+      result.pageToken_ = pageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest) {
+        return mergeFrom(
+            (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+              .getDefaultInstance()) return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (other.getPageSize() != 0) {
+        setPageSize(other.getPageSize());
+      }
+      if (!other.getPageToken().isEmpty()) {
+        pageToken_ = other.pageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the AuthorizationPolicies
+     * should be listed, specified in the format
+     * `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the AuthorizationPolicies
+     * should be listed, specified in the format
+     * `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the AuthorizationPolicies
+     * should be listed, specified in the format
+     * `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the AuthorizationPolicies
+     * should be listed, specified in the format
+     * `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the AuthorizationPolicies
+     * should be listed, specified in the format
+     * `projects/{project}/locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private int pageSize_;
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of AuthorizationPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return The pageSize.
+     */
+    @java.lang.Override
+    public int getPageSize() {
+      return pageSize_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of AuthorizationPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @param value The pageSize to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageSize(int value) {
+
+      pageSize_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of AuthorizationPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageSize() {
+
+      pageSize_ = 0;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object pageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last
+     * `ListAuthorizationPoliciesResponse` Indicates that this is a
+     * continuation of a prior `ListAuthorizationPolicies` call, and
+     * that the system should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The pageToken.
+     */
+    public java.lang.String getPageToken() {
+      java.lang.Object ref = pageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        pageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last
+     * `ListAuthorizationPoliciesResponse` Indicates that this is a
+     * continuation of a prior `ListAuthorizationPolicies` call, and
+     * that the system should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The bytes for pageToken.
+     */
+    public com.google.protobuf.ByteString getPageTokenBytes() {
+      java.lang.Object ref = pageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        pageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last
+     * `ListAuthorizationPoliciesResponse` Indicates that this is a
+     * continuation of a prior `ListAuthorizationPolicies` call, and
+     * that the system should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last
+     * `ListAuthorizationPoliciesResponse` Indicates that this is a
+     * continuation of a prior `ListAuthorizationPolicies` call, and
+     * that the system should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageToken() {
+
+      pageToken_ = getDefaultInstance().getPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last
+     * `ListAuthorizationPoliciesResponse` Indicates that this is a
+     * continuation of a prior `ListAuthorizationPolicies` call, and
+     * that the system should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The bytes for pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+  private static final com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListAuthorizationPoliciesRequest> PARSER =
+      new com.google.protobuf.AbstractParser<ListAuthorizationPoliciesRequest>() {
+        @java.lang.Override
+        public ListAuthorizationPoliciesRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListAuthorizationPoliciesRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListAuthorizationPoliciesRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListAuthorizationPoliciesRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequestOrBuilder.java
new file mode 100644
index 000000000000..01979f771956
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesRequestOrBuilder.java
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListAuthorizationPoliciesRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListAuthorizationPoliciesRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the AuthorizationPolicies
+   * should be listed, specified in the format
+   * `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the AuthorizationPolicies
+   * should be listed, specified in the format
+   * `projects/{project}/locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of AuthorizationPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  int getPageSize();
+
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last
+   * `ListAuthorizationPoliciesResponse` Indicates that this is a
+   * continuation of a prior `ListAuthorizationPolicies` call, and
+   * that the system should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  java.lang.String getPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last
+   * `ListAuthorizationPoliciesResponse` Indicates that this is a
+   * continuation of a prior `ListAuthorizationPolicies` call, and
+   * that the system should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  com.google.protobuf.ByteString getPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponse.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponse.java
new file mode 100644
index 000000000000..a52da94cd931
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponse.java
@@ -0,0 +1,1227 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Response returned by the ListAuthorizationPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse}
+ */
+public final class ListAuthorizationPoliciesResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+    ListAuthorizationPoliciesResponseOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListAuthorizationPoliciesResponse.newBuilder() to construct.
+  private ListAuthorizationPoliciesResponse(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListAuthorizationPoliciesResponse() {
+    authorizationPolicies_ = java.util.Collections.emptyList();
+    nextPageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListAuthorizationPoliciesResponse();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListAuthorizationPoliciesResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                authorizationPolicies_ =
+                    new java.util.ArrayList<
+                        com.google.cloud.networksecurity.v1.AuthorizationPolicy>();
+                mutable_bitField0_ |= 0x00000001;
+              }
+              authorizationPolicies_.add(
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy.parser(),
+                      extensionRegistry));
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              nextPageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000001) != 0)) {
+        authorizationPolicies_ = java.util.Collections.unmodifiableList(authorizationPolicies_);
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.class,
+            com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.Builder.class);
+  }
+
+  public static final int AUTHORIZATION_POLICIES_FIELD_NUMBER = 1;
+  private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+      authorizationPolicies_;
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+      getAuthorizationPoliciesList() {
+    return authorizationPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  @java.lang.Override
+  public java.util.List<? extends com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+      getAuthorizationPoliciesOrBuilderList() {
+    return authorizationPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  @java.lang.Override
+  public int getAuthorizationPoliciesCount() {
+    return authorizationPolicies_.size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicies(
+      int index) {
+    return authorizationPolicies_.get(index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPoliciesOrBuilder(int index) {
+    return authorizationPolicies_.get(index);
+  }
+
+  public static final int NEXT_PAGE_TOKEN_FIELD_NUMBER = 2;
+  private volatile java.lang.Object nextPageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getNextPageToken() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      nextPageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNextPageTokenBytes() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      nextPageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    for (int i = 0; i < authorizationPolicies_.size(); i++) {
+      output.writeMessage(1, authorizationPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, nextPageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    for (int i = 0; i < authorizationPolicies_.size(); i++) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(
+              1, authorizationPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, nextPageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse other =
+        (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse) obj;
+
+    if (!getAuthorizationPoliciesList().equals(other.getAuthorizationPoliciesList())) return false;
+    if (!getNextPageToken().equals(other.getNextPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (getAuthorizationPoliciesCount() > 0) {
+      hash = (37 * hash) + AUTHORIZATION_POLICIES_FIELD_NUMBER;
+      hash = (53 * hash) + getAuthorizationPoliciesList().hashCode();
+    }
+    hash = (37 * hash) + NEXT_PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getNextPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Response returned by the ListAuthorizationPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.class,
+              com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+        getAuthorizationPoliciesFieldBuilder();
+      }
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (authorizationPoliciesBuilder_ == null) {
+        authorizationPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+      } else {
+        authorizationPoliciesBuilder_.clear();
+      }
+      nextPageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListAuthorizationPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+          .getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse build() {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse buildPartial() {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse result =
+          new com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse(this);
+      int from_bitField0_ = bitField0_;
+      if (authorizationPoliciesBuilder_ == null) {
+        if (((bitField0_ & 0x00000001) != 0)) {
+          authorizationPolicies_ = java.util.Collections.unmodifiableList(authorizationPolicies_);
+          bitField0_ = (bitField0_ & ~0x00000001);
+        }
+        result.authorizationPolicies_ = authorizationPolicies_;
+      } else {
+        result.authorizationPolicies_ = authorizationPoliciesBuilder_.build();
+      }
+      result.nextPageToken_ = nextPageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse) {
+        return mergeFrom(
+            (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+              .getDefaultInstance()) return this;
+      if (authorizationPoliciesBuilder_ == null) {
+        if (!other.authorizationPolicies_.isEmpty()) {
+          if (authorizationPolicies_.isEmpty()) {
+            authorizationPolicies_ = other.authorizationPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+          } else {
+            ensureAuthorizationPoliciesIsMutable();
+            authorizationPolicies_.addAll(other.authorizationPolicies_);
+          }
+          onChanged();
+        }
+      } else {
+        if (!other.authorizationPolicies_.isEmpty()) {
+          if (authorizationPoliciesBuilder_.isEmpty()) {
+            authorizationPoliciesBuilder_.dispose();
+            authorizationPoliciesBuilder_ = null;
+            authorizationPolicies_ = other.authorizationPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+            authorizationPoliciesBuilder_ =
+                com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                    ? getAuthorizationPoliciesFieldBuilder()
+                    : null;
+          } else {
+            authorizationPoliciesBuilder_.addAllMessages(other.authorizationPolicies_);
+          }
+        }
+      }
+      if (!other.getNextPageToken().isEmpty()) {
+        nextPageToken_ = other.nextPageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+        authorizationPolicies_ = java.util.Collections.emptyList();
+
+    private void ensureAuthorizationPoliciesIsMutable() {
+      if (!((bitField0_ & 0x00000001) != 0)) {
+        authorizationPolicies_ =
+            new java.util.ArrayList<com.google.cloud.networksecurity.v1.AuthorizationPolicy>(
+                authorizationPolicies_);
+        bitField0_ |= 0x00000001;
+      }
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        authorizationPoliciesBuilder_;
+
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+        getAuthorizationPoliciesList() {
+      if (authorizationPoliciesBuilder_ == null) {
+        return java.util.Collections.unmodifiableList(authorizationPolicies_);
+      } else {
+        return authorizationPoliciesBuilder_.getMessageList();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public int getAuthorizationPoliciesCount() {
+      if (authorizationPoliciesBuilder_ == null) {
+        return authorizationPolicies_.size();
+      } else {
+        return authorizationPoliciesBuilder_.getCount();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicies(
+        int index) {
+      if (authorizationPoliciesBuilder_ == null) {
+        return authorizationPolicies_.get(index);
+      } else {
+        return authorizationPoliciesBuilder_.getMessage(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder setAuthorizationPolicies(
+        int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.set(index, value);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.setMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder setAuthorizationPolicies(
+        int index,
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder builderForValue) {
+      if (authorizationPoliciesBuilder_ == null) {
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.set(index, builderForValue.build());
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.setMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder addAuthorizationPolicies(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.add(value);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.addMessage(value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder addAuthorizationPolicies(
+        int index, com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.add(index, value);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.addMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder addAuthorizationPolicies(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder builderForValue) {
+      if (authorizationPoliciesBuilder_ == null) {
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.add(builderForValue.build());
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.addMessage(builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder addAuthorizationPolicies(
+        int index,
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder builderForValue) {
+      if (authorizationPoliciesBuilder_ == null) {
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.add(index, builderForValue.build());
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.addMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder addAllAuthorizationPolicies(
+        java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+            values) {
+      if (authorizationPoliciesBuilder_ == null) {
+        ensureAuthorizationPoliciesIsMutable();
+        com.google.protobuf.AbstractMessageLite.Builder.addAll(values, authorizationPolicies_);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.addAllMessages(values);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder clearAuthorizationPolicies() {
+      if (authorizationPoliciesBuilder_ == null) {
+        authorizationPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public Builder removeAuthorizationPolicies(int index) {
+      if (authorizationPoliciesBuilder_ == null) {
+        ensureAuthorizationPoliciesIsMutable();
+        authorizationPolicies_.remove(index);
+        onChanged();
+      } else {
+        authorizationPoliciesBuilder_.remove(index);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder
+        getAuthorizationPoliciesBuilder(int index) {
+      return getAuthorizationPoliciesFieldBuilder().getBuilder(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+        getAuthorizationPoliciesOrBuilder(int index) {
+      if (authorizationPoliciesBuilder_ == null) {
+        return authorizationPolicies_.get(index);
+      } else {
+        return authorizationPoliciesBuilder_.getMessageOrBuilder(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public java.util.List<
+            ? extends com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        getAuthorizationPoliciesOrBuilderList() {
+      if (authorizationPoliciesBuilder_ != null) {
+        return authorizationPoliciesBuilder_.getMessageOrBuilderList();
+      } else {
+        return java.util.Collections.unmodifiableList(authorizationPolicies_);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder
+        addAuthorizationPoliciesBuilder() {
+      return getAuthorizationPoliciesFieldBuilder()
+          .addBuilder(com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder
+        addAuthorizationPoliciesBuilder(int index) {
+      return getAuthorizationPoliciesFieldBuilder()
+          .addBuilder(
+              index, com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of AuthorizationPolicies resources.
+     * </pre>
+     *
+     * <code>
+     * repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder>
+        getAuthorizationPoliciesBuilderList() {
+      return getAuthorizationPoliciesFieldBuilder().getBuilderList();
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        getAuthorizationPoliciesFieldBuilder() {
+      if (authorizationPoliciesBuilder_ == null) {
+        authorizationPoliciesBuilder_ =
+            new com.google.protobuf.RepeatedFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>(
+                authorizationPolicies_,
+                ((bitField0_ & 0x00000001) != 0),
+                getParentForChildren(),
+                isClean());
+        authorizationPolicies_ = null;
+      }
+      return authorizationPoliciesBuilder_;
+    }
+
+    private java.lang.Object nextPageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The nextPageToken.
+     */
+    public java.lang.String getNextPageToken() {
+      java.lang.Object ref = nextPageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        nextPageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The bytes for nextPageToken.
+     */
+    public com.google.protobuf.ByteString getNextPageTokenBytes() {
+      java.lang.Object ref = nextPageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        nextPageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearNextPageToken() {
+
+      nextPageToken_ = getDefaultInstance().getNextPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The bytes for nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+  private static final com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListAuthorizationPoliciesResponse> PARSER =
+      new com.google.protobuf.AbstractParser<ListAuthorizationPoliciesResponse>() {
+        @java.lang.Override
+        public ListAuthorizationPoliciesResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListAuthorizationPoliciesResponse(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListAuthorizationPoliciesResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListAuthorizationPoliciesResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponseOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponseOrBuilder.java
new file mode 100644
index 000000000000..eb3926a8771f
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListAuthorizationPoliciesResponseOrBuilder.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListAuthorizationPoliciesResponseOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListAuthorizationPoliciesResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  java.util.List<com.google.cloud.networksecurity.v1.AuthorizationPolicy>
+      getAuthorizationPoliciesList();
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicies(int index);
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  int getAuthorizationPoliciesCount();
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  java.util.List<? extends com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+      getAuthorizationPoliciesOrBuilderList();
+  /**
+   *
+   *
+   * <pre>
+   * List of AuthorizationPolicies resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policies = 1;
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPoliciesOrBuilder(int index);
+
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  java.lang.String getNextPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  com.google.protobuf.ByteString getNextPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequest.java
new file mode 100644
index 000000000000..0864b1ed3473
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequest.java
@@ -0,0 +1,957 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the ListClientTlsPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest}
+ */
+public final class ListClientTlsPoliciesRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+    ListClientTlsPoliciesRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListClientTlsPoliciesRequest.newBuilder() to construct.
+  private ListClientTlsPoliciesRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListClientTlsPoliciesRequest() {
+    parent_ = "";
+    pageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListClientTlsPoliciesRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListClientTlsPoliciesRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 16:
+            {
+              pageSize_ = input.readInt32();
+              break;
+            }
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              pageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.class,
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ClientTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ClientTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int PAGE_SIZE_FIELD_NUMBER = 2;
+  private int pageSize_;
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of ClientTlsPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  @java.lang.Override
+  public int getPageSize() {
+    return pageSize_;
+  }
+
+  public static final int PAGE_TOKEN_FIELD_NUMBER = 3;
+  private volatile java.lang.Object pageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListClientTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListClientTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getPageToken() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      pageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListClientTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListClientTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getPageTokenBytes() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      pageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (pageSize_ != 0) {
+      output.writeInt32(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, pageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (pageSize_ != 0) {
+      size += com.google.protobuf.CodedOutputStream.computeInt32Size(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, pageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest other =
+        (com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (getPageSize() != other.getPageSize()) return false;
+    if (!getPageToken().equals(other.getPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + PAGE_SIZE_FIELD_NUMBER;
+    hash = (53 * hash) + getPageSize();
+    hash = (37 * hash) + PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the ListClientTlsPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.class,
+              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      pageSize_ = 0;
+
+      pageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest build() {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest result =
+          new com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest(this);
+      result.parent_ = parent_;
+      result.pageSize_ = pageSize_;
+      result.pageToken_ = pageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest.getDefaultInstance())
+        return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (other.getPageSize() != 0) {
+        setPageSize(other.getPageSize());
+      }
+      if (!other.getPageToken().isEmpty()) {
+        pageToken_ = other.pageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ClientTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ClientTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ClientTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ClientTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ClientTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private int pageSize_;
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ClientTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return The pageSize.
+     */
+    @java.lang.Override
+    public int getPageSize() {
+      return pageSize_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ClientTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @param value The pageSize to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageSize(int value) {
+
+      pageSize_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ClientTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageSize() {
+
+      pageSize_ = 0;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object pageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListClientTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListClientTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The pageToken.
+     */
+    public java.lang.String getPageToken() {
+      java.lang.Object ref = pageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        pageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListClientTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListClientTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The bytes for pageToken.
+     */
+    public com.google.protobuf.ByteString getPageTokenBytes() {
+      java.lang.Object ref = pageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        pageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListClientTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListClientTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListClientTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListClientTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageToken() {
+
+      pageToken_ = getDefaultInstance().getPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListClientTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListClientTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The bytes for pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+  private static final com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListClientTlsPoliciesRequest> PARSER =
+      new com.google.protobuf.AbstractParser<ListClientTlsPoliciesRequest>() {
+        @java.lang.Override
+        public ListClientTlsPoliciesRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListClientTlsPoliciesRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListClientTlsPoliciesRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListClientTlsPoliciesRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequestOrBuilder.java
new file mode 100644
index 000000000000..f880f4db9adb
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesRequestOrBuilder.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListClientTlsPoliciesRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListClientTlsPoliciesRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ClientTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ClientTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of ClientTlsPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  int getPageSize();
+
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListClientTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListClientTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  java.lang.String getPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListClientTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListClientTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  com.google.protobuf.ByteString getPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponse.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponse.java
new file mode 100644
index 000000000000..5e9125fb4471
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponse.java
@@ -0,0 +1,1191 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Response returned by the ListClientTlsPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse}
+ */
+public final class ListClientTlsPoliciesResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+    ListClientTlsPoliciesResponseOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListClientTlsPoliciesResponse.newBuilder() to construct.
+  private ListClientTlsPoliciesResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListClientTlsPoliciesResponse() {
+    clientTlsPolicies_ = java.util.Collections.emptyList();
+    nextPageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListClientTlsPoliciesResponse();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListClientTlsPoliciesResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                clientTlsPolicies_ =
+                    new java.util.ArrayList<com.google.cloud.networksecurity.v1.ClientTlsPolicy>();
+                mutable_bitField0_ |= 0x00000001;
+              }
+              clientTlsPolicies_.add(
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ClientTlsPolicy.parser(),
+                      extensionRegistry));
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              nextPageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000001) != 0)) {
+        clientTlsPolicies_ = java.util.Collections.unmodifiableList(clientTlsPolicies_);
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.class,
+            com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.Builder.class);
+  }
+
+  public static final int CLIENT_TLS_POLICIES_FIELD_NUMBER = 1;
+  private java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy> clientTlsPolicies_;
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+      getClientTlsPoliciesList() {
+    return clientTlsPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public java.util.List<? extends com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+      getClientTlsPoliciesOrBuilderList() {
+    return clientTlsPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public int getClientTlsPoliciesCount() {
+    return clientTlsPolicies_.size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicies(int index) {
+    return clientTlsPolicies_.get(index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder getClientTlsPoliciesOrBuilder(
+      int index) {
+    return clientTlsPolicies_.get(index);
+  }
+
+  public static final int NEXT_PAGE_TOKEN_FIELD_NUMBER = 2;
+  private volatile java.lang.Object nextPageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getNextPageToken() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      nextPageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNextPageTokenBytes() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      nextPageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    for (int i = 0; i < clientTlsPolicies_.size(); i++) {
+      output.writeMessage(1, clientTlsPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, nextPageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    for (int i = 0; i < clientTlsPolicies_.size(); i++) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(1, clientTlsPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, nextPageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse other =
+        (com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse) obj;
+
+    if (!getClientTlsPoliciesList().equals(other.getClientTlsPoliciesList())) return false;
+    if (!getNextPageToken().equals(other.getNextPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (getClientTlsPoliciesCount() > 0) {
+      hash = (37 * hash) + CLIENT_TLS_POLICIES_FIELD_NUMBER;
+      hash = (53 * hash) + getClientTlsPoliciesList().hashCode();
+    }
+    hash = (37 * hash) + NEXT_PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getNextPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Response returned by the ListClientTlsPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.class,
+              com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+        getClientTlsPoliciesFieldBuilder();
+      }
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (clientTlsPoliciesBuilder_ == null) {
+        clientTlsPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+      } else {
+        clientTlsPoliciesBuilder_.clear();
+      }
+      nextPageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListClientTlsPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse build() {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse buildPartial() {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse result =
+          new com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse(this);
+      int from_bitField0_ = bitField0_;
+      if (clientTlsPoliciesBuilder_ == null) {
+        if (((bitField0_ & 0x00000001) != 0)) {
+          clientTlsPolicies_ = java.util.Collections.unmodifiableList(clientTlsPolicies_);
+          bitField0_ = (bitField0_ & ~0x00000001);
+        }
+        result.clientTlsPolicies_ = clientTlsPolicies_;
+      } else {
+        result.clientTlsPolicies_ = clientTlsPoliciesBuilder_.build();
+      }
+      result.nextPageToken_ = nextPageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse.getDefaultInstance())
+        return this;
+      if (clientTlsPoliciesBuilder_ == null) {
+        if (!other.clientTlsPolicies_.isEmpty()) {
+          if (clientTlsPolicies_.isEmpty()) {
+            clientTlsPolicies_ = other.clientTlsPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+          } else {
+            ensureClientTlsPoliciesIsMutable();
+            clientTlsPolicies_.addAll(other.clientTlsPolicies_);
+          }
+          onChanged();
+        }
+      } else {
+        if (!other.clientTlsPolicies_.isEmpty()) {
+          if (clientTlsPoliciesBuilder_.isEmpty()) {
+            clientTlsPoliciesBuilder_.dispose();
+            clientTlsPoliciesBuilder_ = null;
+            clientTlsPolicies_ = other.clientTlsPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+            clientTlsPoliciesBuilder_ =
+                com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                    ? getClientTlsPoliciesFieldBuilder()
+                    : null;
+          } else {
+            clientTlsPoliciesBuilder_.addAllMessages(other.clientTlsPolicies_);
+          }
+        }
+      }
+      if (!other.getNextPageToken().isEmpty()) {
+        nextPageToken_ = other.nextPageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy> clientTlsPolicies_ =
+        java.util.Collections.emptyList();
+
+    private void ensureClientTlsPoliciesIsMutable() {
+      if (!((bitField0_ & 0x00000001) != 0)) {
+        clientTlsPolicies_ =
+            new java.util.ArrayList<com.google.cloud.networksecurity.v1.ClientTlsPolicy>(
+                clientTlsPolicies_);
+        bitField0_ |= 0x00000001;
+      }
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        clientTlsPoliciesBuilder_;
+
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy>
+        getClientTlsPoliciesList() {
+      if (clientTlsPoliciesBuilder_ == null) {
+        return java.util.Collections.unmodifiableList(clientTlsPolicies_);
+      } else {
+        return clientTlsPoliciesBuilder_.getMessageList();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public int getClientTlsPoliciesCount() {
+      if (clientTlsPoliciesBuilder_ == null) {
+        return clientTlsPolicies_.size();
+      } else {
+        return clientTlsPoliciesBuilder_.getCount();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicies(int index) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        return clientTlsPolicies_.get(index);
+      } else {
+        return clientTlsPoliciesBuilder_.getMessage(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder setClientTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.set(index, value);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.setMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder setClientTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder builderForValue) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.set(index, builderForValue.build());
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.setMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder addClientTlsPolicies(com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.add(value);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.addMessage(value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder addClientTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.add(index, value);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.addMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder addClientTlsPolicies(
+        com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder builderForValue) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.add(builderForValue.build());
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.addMessage(builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder addClientTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder builderForValue) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.add(index, builderForValue.build());
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.addMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder addAllClientTlsPolicies(
+        java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.ClientTlsPolicy> values) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        ensureClientTlsPoliciesIsMutable();
+        com.google.protobuf.AbstractMessageLite.Builder.addAll(values, clientTlsPolicies_);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.addAllMessages(values);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder clearClientTlsPolicies() {
+      if (clientTlsPoliciesBuilder_ == null) {
+        clientTlsPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public Builder removeClientTlsPolicies(int index) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        ensureClientTlsPoliciesIsMutable();
+        clientTlsPolicies_.remove(index);
+        onChanged();
+      } else {
+        clientTlsPoliciesBuilder_.remove(index);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder getClientTlsPoliciesBuilder(
+        int index) {
+      return getClientTlsPoliciesFieldBuilder().getBuilder(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder
+        getClientTlsPoliciesOrBuilder(int index) {
+      if (clientTlsPoliciesBuilder_ == null) {
+        return clientTlsPolicies_.get(index);
+      } else {
+        return clientTlsPoliciesBuilder_.getMessageOrBuilder(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<? extends com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        getClientTlsPoliciesOrBuilderList() {
+      if (clientTlsPoliciesBuilder_ != null) {
+        return clientTlsPoliciesBuilder_.getMessageOrBuilderList();
+      } else {
+        return java.util.Collections.unmodifiableList(clientTlsPolicies_);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder
+        addClientTlsPoliciesBuilder() {
+      return getClientTlsPoliciesFieldBuilder()
+          .addBuilder(com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder addClientTlsPoliciesBuilder(
+        int index) {
+      return getClientTlsPoliciesFieldBuilder()
+          .addBuilder(
+              index, com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ClientTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder>
+        getClientTlsPoliciesBuilderList() {
+      return getClientTlsPoliciesFieldBuilder().getBuilderList();
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        getClientTlsPoliciesFieldBuilder() {
+      if (clientTlsPoliciesBuilder_ == null) {
+        clientTlsPoliciesBuilder_ =
+            new com.google.protobuf.RepeatedFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>(
+                clientTlsPolicies_,
+                ((bitField0_ & 0x00000001) != 0),
+                getParentForChildren(),
+                isClean());
+        clientTlsPolicies_ = null;
+      }
+      return clientTlsPoliciesBuilder_;
+    }
+
+    private java.lang.Object nextPageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The nextPageToken.
+     */
+    public java.lang.String getNextPageToken() {
+      java.lang.Object ref = nextPageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        nextPageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The bytes for nextPageToken.
+     */
+    public com.google.protobuf.ByteString getNextPageTokenBytes() {
+      java.lang.Object ref = nextPageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        nextPageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearNextPageToken() {
+
+      nextPageToken_ = getDefaultInstance().getNextPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The bytes for nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+  private static final com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListClientTlsPoliciesResponse> PARSER =
+      new com.google.protobuf.AbstractParser<ListClientTlsPoliciesResponse>() {
+        @java.lang.Override
+        public ListClientTlsPoliciesResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListClientTlsPoliciesResponse(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListClientTlsPoliciesResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListClientTlsPoliciesResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponseOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponseOrBuilder.java
new file mode 100644
index 000000000000..d72ad3481652
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListClientTlsPoliciesResponseOrBuilder.java
@@ -0,0 +1,107 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListClientTlsPoliciesResponseOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListClientTlsPoliciesResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  java.util.List<com.google.cloud.networksecurity.v1.ClientTlsPolicy> getClientTlsPoliciesList();
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicies(int index);
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  int getClientTlsPoliciesCount();
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  java.util.List<? extends com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+      getClientTlsPoliciesOrBuilderList();
+  /**
+   *
+   *
+   * <pre>
+   * List of ClientTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policies = 1;</code>
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder getClientTlsPoliciesOrBuilder(
+      int index);
+
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  java.lang.String getNextPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  com.google.protobuf.ByteString getNextPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequest.java
new file mode 100644
index 000000000000..6a908414f24b
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequest.java
@@ -0,0 +1,957 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the ListServerTlsPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest}
+ */
+public final class ListServerTlsPoliciesRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+    ListServerTlsPoliciesRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListServerTlsPoliciesRequest.newBuilder() to construct.
+  private ListServerTlsPoliciesRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListServerTlsPoliciesRequest() {
+    parent_ = "";
+    pageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListServerTlsPoliciesRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListServerTlsPoliciesRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              parent_ = s;
+              break;
+            }
+          case 16:
+            {
+              pageSize_ = input.readInt32();
+              break;
+            }
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              pageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.class,
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.Builder.class);
+  }
+
+  public static final int PARENT_FIELD_NUMBER = 1;
+  private volatile java.lang.Object parent_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ServerTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  @java.lang.Override
+  public java.lang.String getParent() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      parent_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ServerTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getParentBytes() {
+    java.lang.Object ref = parent_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      parent_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int PAGE_SIZE_FIELD_NUMBER = 2;
+  private int pageSize_;
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of ServerTlsPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  @java.lang.Override
+  public int getPageSize() {
+    return pageSize_;
+  }
+
+  public static final int PAGE_TOKEN_FIELD_NUMBER = 3;
+  private volatile java.lang.Object pageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListServerTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListServerTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getPageToken() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      pageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListServerTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListServerTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getPageTokenBytes() {
+    java.lang.Object ref = pageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      pageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, parent_);
+    }
+    if (pageSize_ != 0) {
+      output.writeInt32(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, pageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(parent_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, parent_);
+    }
+    if (pageSize_ != 0) {
+      size += com.google.protobuf.CodedOutputStream.computeInt32Size(2, pageSize_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(pageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, pageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest other =
+        (com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest) obj;
+
+    if (!getParent().equals(other.getParent())) return false;
+    if (getPageSize() != other.getPageSize()) return false;
+    if (!getPageToken().equals(other.getPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + PARENT_FIELD_NUMBER;
+    hash = (53 * hash) + getParent().hashCode();
+    hash = (37 * hash) + PAGE_SIZE_FIELD_NUMBER;
+    hash = (53 * hash) + getPageSize();
+    hash = (37 * hash) + PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the ListServerTlsPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.class,
+              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      parent_ = "";
+
+      pageSize_ = 0;
+
+      pageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest build() {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest result =
+          new com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest(this);
+      result.parent_ = parent_;
+      result.pageSize_ = pageSize_;
+      result.pageToken_ = pageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest.getDefaultInstance())
+        return this;
+      if (!other.getParent().isEmpty()) {
+        parent_ = other.parent_;
+        onChanged();
+      }
+      if (other.getPageSize() != 0) {
+        setPageSize(other.getPageSize());
+      }
+      if (!other.getPageToken().isEmpty()) {
+        pageToken_ = other.pageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object parent_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ServerTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The parent.
+     */
+    public java.lang.String getParent() {
+      java.lang.Object ref = parent_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        parent_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ServerTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for parent.
+     */
+    public com.google.protobuf.ByteString getParentBytes() {
+      java.lang.Object ref = parent_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        parent_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ServerTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParent(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ServerTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearParent() {
+
+      parent_ = getDefaultInstance().getParent();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The project and location from which the ServerTlsPolicies should
+     * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+     * </pre>
+     *
+     * <code>
+     * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for parent to set.
+     * @return This builder for chaining.
+     */
+    public Builder setParentBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      parent_ = value;
+      onChanged();
+      return this;
+    }
+
+    private int pageSize_;
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ServerTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return The pageSize.
+     */
+    @java.lang.Override
+    public int getPageSize() {
+      return pageSize_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ServerTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @param value The pageSize to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageSize(int value) {
+
+      pageSize_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Maximum number of ServerTlsPolicies to return per call.
+     * </pre>
+     *
+     * <code>int32 page_size = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageSize() {
+
+      pageSize_ = 0;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object pageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListServerTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListServerTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The pageToken.
+     */
+    public java.lang.String getPageToken() {
+      java.lang.Object ref = pageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        pageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListServerTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListServerTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return The bytes for pageToken.
+     */
+    public com.google.protobuf.ByteString getPageTokenBytes() {
+      java.lang.Object ref = pageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        pageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListServerTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListServerTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListServerTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListServerTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearPageToken() {
+
+      pageToken_ = getDefaultInstance().getPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The value returned by the last `ListServerTlsPoliciesResponse`
+     * Indicates that this is a continuation of a prior
+     * `ListServerTlsPolicies` call, and that the system
+     * should return the next page of data.
+     * </pre>
+     *
+     * <code>string page_token = 3;</code>
+     *
+     * @param value The bytes for pageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      pageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+  private static final com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListServerTlsPoliciesRequest> PARSER =
+      new com.google.protobuf.AbstractParser<ListServerTlsPoliciesRequest>() {
+        @java.lang.Override
+        public ListServerTlsPoliciesRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListServerTlsPoliciesRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListServerTlsPoliciesRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListServerTlsPoliciesRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequestOrBuilder.java
new file mode 100644
index 000000000000..8558be24e5f6
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesRequestOrBuilder.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListServerTlsPoliciesRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListServerTlsPoliciesRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ServerTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The parent.
+   */
+  java.lang.String getParent();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The project and location from which the ServerTlsPolicies should
+   * be listed, specified in the format `projects/&#42;&#47;locations/{location}`.
+   * </pre>
+   *
+   * <code>
+   * string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for parent.
+   */
+  com.google.protobuf.ByteString getParentBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Maximum number of ServerTlsPolicies to return per call.
+   * </pre>
+   *
+   * <code>int32 page_size = 2;</code>
+   *
+   * @return The pageSize.
+   */
+  int getPageSize();
+
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListServerTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListServerTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The pageToken.
+   */
+  java.lang.String getPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * The value returned by the last `ListServerTlsPoliciesResponse`
+   * Indicates that this is a continuation of a prior
+   * `ListServerTlsPolicies` call, and that the system
+   * should return the next page of data.
+   * </pre>
+   *
+   * <code>string page_token = 3;</code>
+   *
+   * @return The bytes for pageToken.
+   */
+  com.google.protobuf.ByteString getPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponse.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponse.java
new file mode 100644
index 000000000000..318d90abec52
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponse.java
@@ -0,0 +1,1191 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Response returned by the ListServerTlsPolicies method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse}
+ */
+public final class ListServerTlsPoliciesResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+    ListServerTlsPoliciesResponseOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ListServerTlsPoliciesResponse.newBuilder() to construct.
+  private ListServerTlsPoliciesResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ListServerTlsPoliciesResponse() {
+    serverTlsPolicies_ = java.util.Collections.emptyList();
+    nextPageToken_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ListServerTlsPoliciesResponse();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ListServerTlsPoliciesResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                serverTlsPolicies_ =
+                    new java.util.ArrayList<com.google.cloud.networksecurity.v1.ServerTlsPolicy>();
+                mutable_bitField0_ |= 0x00000001;
+              }
+              serverTlsPolicies_.add(
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ServerTlsPolicy.parser(),
+                      extensionRegistry));
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              nextPageToken_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000001) != 0)) {
+        serverTlsPolicies_ = java.util.Collections.unmodifiableList(serverTlsPolicies_);
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.class,
+            com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.Builder.class);
+  }
+
+  public static final int SERVER_TLS_POLICIES_FIELD_NUMBER = 1;
+  private java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy> serverTlsPolicies_;
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+      getServerTlsPoliciesList() {
+    return serverTlsPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public java.util.List<? extends com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+      getServerTlsPoliciesOrBuilderList() {
+    return serverTlsPolicies_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public int getServerTlsPoliciesCount() {
+    return serverTlsPolicies_.size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicies(int index) {
+    return serverTlsPolicies_.get(index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder getServerTlsPoliciesOrBuilder(
+      int index) {
+    return serverTlsPolicies_.get(index);
+  }
+
+  public static final int NEXT_PAGE_TOKEN_FIELD_NUMBER = 2;
+  private volatile java.lang.Object nextPageToken_;
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  @java.lang.Override
+  public java.lang.String getNextPageToken() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      nextPageToken_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNextPageTokenBytes() {
+    java.lang.Object ref = nextPageToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      nextPageToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    for (int i = 0; i < serverTlsPolicies_.size(); i++) {
+      output.writeMessage(1, serverTlsPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, nextPageToken_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    for (int i = 0; i < serverTlsPolicies_.size(); i++) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(1, serverTlsPolicies_.get(i));
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(nextPageToken_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, nextPageToken_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse other =
+        (com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse) obj;
+
+    if (!getServerTlsPoliciesList().equals(other.getServerTlsPoliciesList())) return false;
+    if (!getNextPageToken().equals(other.getNextPageToken())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (getServerTlsPoliciesCount() > 0) {
+      hash = (37 * hash) + SERVER_TLS_POLICIES_FIELD_NUMBER;
+      hash = (53 * hash) + getServerTlsPoliciesList().hashCode();
+    }
+    hash = (37 * hash) + NEXT_PAGE_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getNextPageToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Response returned by the ListServerTlsPolicies method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.class,
+              com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+        getServerTlsPoliciesFieldBuilder();
+      }
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (serverTlsPoliciesBuilder_ == null) {
+        serverTlsPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+      } else {
+        serverTlsPoliciesBuilder_.clear();
+      }
+      nextPageToken_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse build() {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse buildPartial() {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse result =
+          new com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse(this);
+      int from_bitField0_ = bitField0_;
+      if (serverTlsPoliciesBuilder_ == null) {
+        if (((bitField0_ & 0x00000001) != 0)) {
+          serverTlsPolicies_ = java.util.Collections.unmodifiableList(serverTlsPolicies_);
+          bitField0_ = (bitField0_ & ~0x00000001);
+        }
+        result.serverTlsPolicies_ = serverTlsPolicies_;
+      } else {
+        result.serverTlsPolicies_ = serverTlsPoliciesBuilder_.build();
+      }
+      result.nextPageToken_ = nextPageToken_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse.getDefaultInstance())
+        return this;
+      if (serverTlsPoliciesBuilder_ == null) {
+        if (!other.serverTlsPolicies_.isEmpty()) {
+          if (serverTlsPolicies_.isEmpty()) {
+            serverTlsPolicies_ = other.serverTlsPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+          } else {
+            ensureServerTlsPoliciesIsMutable();
+            serverTlsPolicies_.addAll(other.serverTlsPolicies_);
+          }
+          onChanged();
+        }
+      } else {
+        if (!other.serverTlsPolicies_.isEmpty()) {
+          if (serverTlsPoliciesBuilder_.isEmpty()) {
+            serverTlsPoliciesBuilder_.dispose();
+            serverTlsPoliciesBuilder_ = null;
+            serverTlsPolicies_ = other.serverTlsPolicies_;
+            bitField0_ = (bitField0_ & ~0x00000001);
+            serverTlsPoliciesBuilder_ =
+                com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                    ? getServerTlsPoliciesFieldBuilder()
+                    : null;
+          } else {
+            serverTlsPoliciesBuilder_.addAllMessages(other.serverTlsPolicies_);
+          }
+        }
+      }
+      if (!other.getNextPageToken().isEmpty()) {
+        nextPageToken_ = other.nextPageToken_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy> serverTlsPolicies_ =
+        java.util.Collections.emptyList();
+
+    private void ensureServerTlsPoliciesIsMutable() {
+      if (!((bitField0_ & 0x00000001) != 0)) {
+        serverTlsPolicies_ =
+            new java.util.ArrayList<com.google.cloud.networksecurity.v1.ServerTlsPolicy>(
+                serverTlsPolicies_);
+        bitField0_ |= 0x00000001;
+      }
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        serverTlsPoliciesBuilder_;
+
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy>
+        getServerTlsPoliciesList() {
+      if (serverTlsPoliciesBuilder_ == null) {
+        return java.util.Collections.unmodifiableList(serverTlsPolicies_);
+      } else {
+        return serverTlsPoliciesBuilder_.getMessageList();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public int getServerTlsPoliciesCount() {
+      if (serverTlsPoliciesBuilder_ == null) {
+        return serverTlsPolicies_.size();
+      } else {
+        return serverTlsPoliciesBuilder_.getCount();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicies(int index) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        return serverTlsPolicies_.get(index);
+      } else {
+        return serverTlsPoliciesBuilder_.getMessage(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder setServerTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.set(index, value);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.setMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder setServerTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder builderForValue) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.set(index, builderForValue.build());
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.setMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder addServerTlsPolicies(com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.add(value);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.addMessage(value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder addServerTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.add(index, value);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.addMessage(index, value);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder addServerTlsPolicies(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder builderForValue) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.add(builderForValue.build());
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.addMessage(builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder addServerTlsPolicies(
+        int index, com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder builderForValue) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.add(index, builderForValue.build());
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.addMessage(index, builderForValue.build());
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder addAllServerTlsPolicies(
+        java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.ServerTlsPolicy> values) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        ensureServerTlsPoliciesIsMutable();
+        com.google.protobuf.AbstractMessageLite.Builder.addAll(values, serverTlsPolicies_);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.addAllMessages(values);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder clearServerTlsPolicies() {
+      if (serverTlsPoliciesBuilder_ == null) {
+        serverTlsPolicies_ = java.util.Collections.emptyList();
+        bitField0_ = (bitField0_ & ~0x00000001);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public Builder removeServerTlsPolicies(int index) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        ensureServerTlsPoliciesIsMutable();
+        serverTlsPolicies_.remove(index);
+        onChanged();
+      } else {
+        serverTlsPoliciesBuilder_.remove(index);
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder getServerTlsPoliciesBuilder(
+        int index) {
+      return getServerTlsPoliciesFieldBuilder().getBuilder(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder
+        getServerTlsPoliciesOrBuilder(int index) {
+      if (serverTlsPoliciesBuilder_ == null) {
+        return serverTlsPolicies_.get(index);
+      } else {
+        return serverTlsPoliciesBuilder_.getMessageOrBuilder(index);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<? extends com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        getServerTlsPoliciesOrBuilderList() {
+      if (serverTlsPoliciesBuilder_ != null) {
+        return serverTlsPoliciesBuilder_.getMessageOrBuilderList();
+      } else {
+        return java.util.Collections.unmodifiableList(serverTlsPolicies_);
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder
+        addServerTlsPoliciesBuilder() {
+      return getServerTlsPoliciesFieldBuilder()
+          .addBuilder(com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder addServerTlsPoliciesBuilder(
+        int index) {
+      return getServerTlsPoliciesFieldBuilder()
+          .addBuilder(
+              index, com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance());
+    }
+    /**
+     *
+     *
+     * <pre>
+     * List of ServerTlsPolicy resources.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;
+     * </code>
+     */
+    public java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder>
+        getServerTlsPoliciesBuilderList() {
+      return getServerTlsPoliciesFieldBuilder().getBuilderList();
+    }
+
+    private com.google.protobuf.RepeatedFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        getServerTlsPoliciesFieldBuilder() {
+      if (serverTlsPoliciesBuilder_ == null) {
+        serverTlsPoliciesBuilder_ =
+            new com.google.protobuf.RepeatedFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>(
+                serverTlsPolicies_,
+                ((bitField0_ & 0x00000001) != 0),
+                getParentForChildren(),
+                isClean());
+        serverTlsPolicies_ = null;
+      }
+      return serverTlsPoliciesBuilder_;
+    }
+
+    private java.lang.Object nextPageToken_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The nextPageToken.
+     */
+    public java.lang.String getNextPageToken() {
+      java.lang.Object ref = nextPageToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        nextPageToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return The bytes for nextPageToken.
+     */
+    public com.google.protobuf.ByteString getNextPageTokenBytes() {
+      java.lang.Object ref = nextPageToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        nextPageToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageToken(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearNextPageToken() {
+
+      nextPageToken_ = getDefaultInstance().getNextPageToken();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * If there might be more results than those appearing in this response, then
+     * `next_page_token` is included. To get the next set of results, call this
+     * method again using the value of `next_page_token` as `page_token`.
+     * </pre>
+     *
+     * <code>string next_page_token = 2;</code>
+     *
+     * @param value The bytes for nextPageToken to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNextPageTokenBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      nextPageToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+  private static final com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ListServerTlsPoliciesResponse> PARSER =
+      new com.google.protobuf.AbstractParser<ListServerTlsPoliciesResponse>() {
+        @java.lang.Override
+        public ListServerTlsPoliciesResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ListServerTlsPoliciesResponse(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ListServerTlsPoliciesResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ListServerTlsPoliciesResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponseOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponseOrBuilder.java
new file mode 100644
index 000000000000..b3f1d3fc1795
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ListServerTlsPoliciesResponseOrBuilder.java
@@ -0,0 +1,107 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ListServerTlsPoliciesResponseOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ListServerTlsPoliciesResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  java.util.List<com.google.cloud.networksecurity.v1.ServerTlsPolicy> getServerTlsPoliciesList();
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicies(int index);
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  int getServerTlsPoliciesCount();
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  java.util.List<? extends com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+      getServerTlsPoliciesOrBuilderList();
+  /**
+   *
+   *
+   * <pre>
+   * List of ServerTlsPolicy resources.
+   * </pre>
+   *
+   * <code>repeated .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policies = 1;</code>
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder getServerTlsPoliciesOrBuilder(
+      int index);
+
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The nextPageToken.
+   */
+  java.lang.String getNextPageToken();
+  /**
+   *
+   *
+   * <pre>
+   * If there might be more results than those appearing in this response, then
+   * `next_page_token` is included. To get the next set of results, call this
+   * method again using the value of `next_page_token` as `page_token`.
+   * </pre>
+   *
+   * <code>string next_page_token = 2;</code>
+   *
+   * @return The bytes for nextPageToken.
+   */
+  com.google.protobuf.ByteString getNextPageTokenBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/LocationName.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/LocationName.java
new file mode 100644
index 000000000000..72ad743225de
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/LocationName.java
@@ -0,0 +1,192 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+@Generated("by gapic-generator-java")
+public class LocationName implements ResourceName {
+  private static final PathTemplate PROJECT_LOCATION =
+      PathTemplate.createWithoutUrlEncoding("projects/{project}/locations/{location}");
+  private volatile Map<String, String> fieldValuesMap;
+  private final String project;
+  private final String location;
+
+  @Deprecated
+  protected LocationName() {
+    project = null;
+    location = null;
+  }
+
+  private LocationName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    location = Preconditions.checkNotNull(builder.getLocation());
+  }
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getLocation() {
+    return location;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  public static LocationName of(String project, String location) {
+    return newBuilder().setProject(project).setLocation(location).build();
+  }
+
+  public static String format(String project, String location) {
+    return newBuilder().setProject(project).setLocation(location).build().toString();
+  }
+
+  public static LocationName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PROJECT_LOCATION.validatedMatch(
+            formattedString, "LocationName.parse: formattedString not in valid format");
+    return of(matchMap.get("project"), matchMap.get("location"));
+  }
+
+  public static List<LocationName> parseList(List<String> formattedStrings) {
+    List<LocationName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<LocationName> values) {
+    List<String> list = new ArrayList<>(values.size());
+    for (LocationName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PROJECT_LOCATION.matches(formattedString);
+  }
+
+  @Override
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          if (project != null) {
+            fieldMapBuilder.put("project", project);
+          }
+          if (location != null) {
+            fieldMapBuilder.put("location", location);
+          }
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PROJECT_LOCATION.instantiate("project", project, "location", location);
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o != null || getClass() == o.getClass()) {
+      LocationName that = ((LocationName) o);
+      return Objects.equals(this.project, that.project)
+          && Objects.equals(this.location, that.location);
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= Objects.hashCode(project);
+    h *= 1000003;
+    h ^= Objects.hashCode(location);
+    return h;
+  }
+
+  /** Builder for projects/{project}/locations/{location}. */
+  public static class Builder {
+    private String project;
+    private String location;
+
+    protected Builder() {}
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getLocation() {
+      return location;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setLocation(String location) {
+      this.location = location;
+      return this;
+    }
+
+    private Builder(LocationName locationName) {
+      this.project = locationName.project;
+      this.location = locationName.location;
+    }
+
+    public LocationName build() {
+      return new LocationName(this);
+    }
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityOuterClass.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityOuterClass.java
new file mode 100644
index 000000000000..6ff59866d187
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/NetworkSecurityOuterClass.java
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/network_security.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class NetworkSecurityOuterClass {
+  private NetworkSecurityOuterClass() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n6google/cloud/networksecurity/v1/networ"
+          + "k_security.proto\022\037google.cloud.networkse"
+          + "curity.v1\032\034google/api/annotations.proto\032"
+          + "\027google/api/client.proto\032:google/cloud/n"
+          + "etworksecurity/v1/authorization_policy.p"
+          + "roto\0327google/cloud/networksecurity/v1/cl"
+          + "ient_tls_policy.proto\0327google/cloud/netw"
+          + "orksecurity/v1/server_tls_policy.proto\032#"
+          + "google/longrunning/operations.proto2\375 \n\017"
+          + "NetworkSecurity\022\356\001\n\031ListAuthorizationPol"
+          + "icies\022A.google.cloud.networksecurity.v1."
+          + "ListAuthorizationPoliciesRequest\032B.googl"
+          + "e.cloud.networksecurity.v1.ListAuthoriza"
+          + "tionPoliciesResponse\"J\202\323\344\223\002;\0229/v1/{paren"
+          + "t=projects/*/locations/*}/authorizationP"
+          + "olicies\332A\006parent\022\330\001\n\026GetAuthorizationPol"
+          + "icy\022>.google.cloud.networksecurity.v1.Ge"
+          + "tAuthorizationPolicyRequest\0324.google.clo"
+          + "ud.networksecurity.v1.AuthorizationPolic"
+          + "y\"H\202\323\344\223\002;\0229/v1/{name=projects/*/location"
+          + "s/*/authorizationPolicies/*}\332A\004name\022\330\002\n\031"
+          + "CreateAuthorizationPolicy\022A.google.cloud"
+          + ".networksecurity.v1.CreateAuthorizationP"
+          + "olicyRequest\032\035.google.longrunning.Operat"
+          + "ion\"\330\001\202\323\344\223\002Q\"9/v1/{parent=projects/*/loc"
+          + "ations/*}/authorizationPolicies:\024authori"
+          + "zation_policy\332A3parent,authorization_pol"
+          + "icy,authorization_policy_id\312AH\n\023Authoriz"
+          + "ationPolicy\0221google.cloud.networksecurit"
+          + "y.v1.OperationMetadata\022\332\002\n\031UpdateAuthori"
+          + "zationPolicy\022A.google.cloud.networksecur"
+          + "ity.v1.UpdateAuthorizationPolicyRequest\032"
+          + "\035.google.longrunning.Operation\"\332\001\202\323\344\223\002f2"
+          + "N/v1/{authorization_policy.name=projects"
+          + "/*/locations/*/authorizationPolicies/*}:"
+          + "\024authorization_policy\332A authorization_po"
+          + "licy,update_mask\312AH\n\023AuthorizationPolicy"
+          + "\0221google.cloud.networksecurity.v1.Operat"
+          + "ionMetadata\022\225\002\n\031DeleteAuthorizationPolic"
+          + "y\022A.google.cloud.networksecurity.v1.Dele"
+          + "teAuthorizationPolicyRequest\032\035.google.lo"
+          + "ngrunning.Operation\"\225\001\202\323\344\223\002;*9/v1/{name="
+          + "projects/*/locations/*/authorizationPoli"
+          + "cies/*}\332A\004name\312AJ\n\025google.protobuf.Empty"
+          + "\0221google.cloud.networksecurity.v1.Operat"
+          + "ionMetadata\022\336\001\n\025ListServerTlsPolicies\022=."
+          + "google.cloud.networksecurity.v1.ListServ"
+          + "erTlsPoliciesRequest\032>.google.cloud.netw"
+          + "orksecurity.v1.ListServerTlsPoliciesResp"
+          + "onse\"F\202\323\344\223\0027\0225/v1/{parent=projects/*/loc"
+          + "ations/*}/serverTlsPolicies\332A\006parent\022\310\001\n"
+          + "\022GetServerTlsPolicy\022:.google.cloud.netwo"
+          + "rksecurity.v1.GetServerTlsPolicyRequest\032"
+          + "0.google.cloud.networksecurity.v1.Server"
+          + "TlsPolicy\"D\202\323\344\223\0027\0225/v1/{name=projects/*/"
+          + "locations/*/serverTlsPolicies/*}\332A\004name\022"
+          + "\277\002\n\025CreateServerTlsPolicy\022=.google.cloud"
+          + ".networksecurity.v1.CreateServerTlsPolic"
+          + "yRequest\032\035.google.longrunning.Operation\""
+          + "\307\001\202\323\344\223\002J\"5/v1/{parent=projects/*/locatio"
+          + "ns/*}/serverTlsPolicies:\021server_tls_poli"
+          + "cy\332A-parent,server_tls_policy,server_tls"
+          + "_policy_id\312AD\n\017ServerTlsPolicy\0221google.c"
+          + "loud.networksecurity.v1.OperationMetadat"
+          + "a\022\301\002\n\025UpdateServerTlsPolicy\022=.google.clo"
+          + "ud.networksecurity.v1.UpdateServerTlsPol"
+          + "icyRequest\032\035.google.longrunning.Operatio"
+          + "n\"\311\001\202\323\344\223\002\\2G/v1/{server_tls_policy.name="
+          + "projects/*/locations/*/serverTlsPolicies"
+          + "/*}:\021server_tls_policy\332A\035server_tls_poli"
+          + "cy,update_mask\312AD\n\017ServerTlsPolicy\0221goog"
+          + "le.cloud.networksecurity.v1.OperationMet"
+          + "adata\022\211\002\n\025DeleteServerTlsPolicy\022=.google"
+          + ".cloud.networksecurity.v1.DeleteServerTl"
+          + "sPolicyRequest\032\035.google.longrunning.Oper"
+          + "ation\"\221\001\202\323\344\223\0027*5/v1/{name=projects/*/loc"
+          + "ations/*/serverTlsPolicies/*}\332A\004name\312AJ\n"
+          + "\025google.protobuf.Empty\0221google.cloud.net"
+          + "worksecurity.v1.OperationMetadata\022\336\001\n\025Li"
+          + "stClientTlsPolicies\022=.google.cloud.netwo"
+          + "rksecurity.v1.ListClientTlsPoliciesReque"
+          + "st\032>.google.cloud.networksecurity.v1.Lis"
+          + "tClientTlsPoliciesResponse\"F\202\323\344\223\0027\0225/v1/"
+          + "{parent=projects/*/locations/*}/clientTl"
+          + "sPolicies\332A\006parent\022\310\001\n\022GetClientTlsPolic"
+          + "y\022:.google.cloud.networksecurity.v1.GetC"
+          + "lientTlsPolicyRequest\0320.google.cloud.net"
+          + "worksecurity.v1.ClientTlsPolicy\"D\202\323\344\223\0027\022"
+          + "5/v1/{name=projects/*/locations/*/client"
+          + "TlsPolicies/*}\332A\004name\022\277\002\n\025CreateClientTl"
+          + "sPolicy\022=.google.cloud.networksecurity.v"
+          + "1.CreateClientTlsPolicyRequest\032\035.google."
+          + "longrunning.Operation\"\307\001\202\323\344\223\002J\"5/v1/{par"
+          + "ent=projects/*/locations/*}/clientTlsPol"
+          + "icies:\021client_tls_policy\332A-parent,client"
+          + "_tls_policy,client_tls_policy_id\312AD\n\017Cli"
+          + "entTlsPolicy\0221google.cloud.networksecuri"
+          + "ty.v1.OperationMetadata\022\301\002\n\025UpdateClient"
+          + "TlsPolicy\022=.google.cloud.networksecurity"
+          + ".v1.UpdateClientTlsPolicyRequest\032\035.googl"
+          + "e.longrunning.Operation\"\311\001\202\323\344\223\002\\2G/v1/{c"
+          + "lient_tls_policy.name=projects/*/locatio"
+          + "ns/*/clientTlsPolicies/*}:\021client_tls_po"
+          + "licy\332A\035client_tls_policy,update_mask\312AD\n"
+          + "\017ClientTlsPolicy\0221google.cloud.networkse"
+          + "curity.v1.OperationMetadata\022\211\002\n\025DeleteCl"
+          + "ientTlsPolicy\022=.google.cloud.networksecu"
+          + "rity.v1.DeleteClientTlsPolicyRequest\032\035.g"
+          + "oogle.longrunning.Operation\"\221\001\202\323\344\223\0027*5/v"
+          + "1/{name=projects/*/locations/*/clientTls"
+          + "Policies/*}\332A\004name\312AJ\n\025google.protobuf.E"
+          + "mpty\0221google.cloud.networksecurity.v1.Op"
+          + "erationMetadata\032R\312A\036networksecurity.goog"
+          + "leapis.com\322A.https://www.googleapis.com/"
+          + "auth/cloud-platformB\340\001\n#com.google.cloud"
+          + ".networksecurity.v1P\001ZNgoogle.golang.org"
+          + "/genproto/googleapis/cloud/networksecuri"
+          + "ty/v1;networksecurity\252\002\037Google.Cloud.Net"
+          + "workSecurity.V1\312\002\037Google\\Cloud\\NetworkSe"
+          + "curity\\V1\352\002\"Google::Cloud::NetworkSecuri"
+          + "ty::V1b\006proto3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.AnnotationsProto.getDescriptor(),
+              com.google.api.ClientProto.getDescriptor(),
+              com.google.cloud.networksecurity.v1.AuthorizationPolicyProto.getDescriptor(),
+              com.google.cloud.networksecurity.v1.ClientTlsPolicyProto.getDescriptor(),
+              com.google.cloud.networksecurity.v1.ServerTlsPolicyProto.getDescriptor(),
+              com.google.longrunning.OperationsProto.getDescriptor(),
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.ClientProto.defaultHost);
+    registry.add(com.google.api.AnnotationsProto.http);
+    registry.add(com.google.api.ClientProto.methodSignature);
+    registry.add(com.google.api.ClientProto.oauthScopes);
+    registry.add(com.google.longrunning.OperationsProto.operationInfo);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.AnnotationsProto.getDescriptor();
+    com.google.api.ClientProto.getDescriptor();
+    com.google.cloud.networksecurity.v1.AuthorizationPolicyProto.getDescriptor();
+    com.google.cloud.networksecurity.v1.ClientTlsPolicyProto.getDescriptor();
+    com.google.cloud.networksecurity.v1.ServerTlsPolicyProto.getDescriptor();
+    com.google.longrunning.OperationsProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadata.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadata.java
new file mode 100644
index 000000000000..832bc7a2143f
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadata.java
@@ -0,0 +1,1851 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/common.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Represents the metadata of the long-running operation.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.OperationMetadata}
+ */
+public final class OperationMetadata extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.OperationMetadata)
+    OperationMetadataOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use OperationMetadata.newBuilder() to construct.
+  private OperationMetadata(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private OperationMetadata() {
+    target_ = "";
+    verb_ = "";
+    statusMessage_ = "";
+    apiVersion_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new OperationMetadata();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private OperationMetadata(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (createTime_ != null) {
+                subBuilder = createTime_.toBuilder();
+              }
+              createTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(createTime_);
+                createTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 18:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (endTime_ != null) {
+                subBuilder = endTime_.toBuilder();
+              }
+              endTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(endTime_);
+                endTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              target_ = s;
+              break;
+            }
+          case 34:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              verb_ = s;
+              break;
+            }
+          case 42:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              statusMessage_ = s;
+              break;
+            }
+          case 48:
+            {
+              requestedCancellation_ = input.readBool();
+              break;
+            }
+          case 58:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              apiVersion_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.CommonProto
+        .internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.CommonProto
+        .internal_static_google_cloud_networksecurity_v1_OperationMetadata_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.OperationMetadata.class,
+            com.google.cloud.networksecurity.v1.OperationMetadata.Builder.class);
+  }
+
+  public static final int CREATE_TIME_FIELD_NUMBER = 1;
+  private com.google.protobuf.Timestamp createTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasCreateTime() {
+    return createTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getCreateTime() {
+    return createTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : createTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+    return getCreateTime();
+  }
+
+  public static final int END_TIME_FIELD_NUMBER = 2;
+  private com.google.protobuf.Timestamp endTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the endTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasEndTime() {
+    return endTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The endTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getEndTime() {
+    return endTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : endTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getEndTimeOrBuilder() {
+    return getEndTime();
+  }
+
+  public static final int TARGET_FIELD_NUMBER = 3;
+  private volatile java.lang.Object target_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Server-defined resource path for the target of the operation.
+   * </pre>
+   *
+   * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The target.
+   */
+  @java.lang.Override
+  public java.lang.String getTarget() {
+    java.lang.Object ref = target_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      target_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Server-defined resource path for the target of the operation.
+   * </pre>
+   *
+   * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for target.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getTargetBytes() {
+    java.lang.Object ref = target_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      target_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int VERB_FIELD_NUMBER = 4;
+  private volatile java.lang.Object verb_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Name of the verb executed by the operation.
+   * </pre>
+   *
+   * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The verb.
+   */
+  @java.lang.Override
+  public java.lang.String getVerb() {
+    java.lang.Object ref = verb_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      verb_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Name of the verb executed by the operation.
+   * </pre>
+   *
+   * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for verb.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getVerbBytes() {
+    java.lang.Object ref = verb_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      verb_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int STATUS_MESSAGE_FIELD_NUMBER = 5;
+  private volatile java.lang.Object statusMessage_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Human-readable status of the operation, if any.
+   * </pre>
+   *
+   * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The statusMessage.
+   */
+  @java.lang.Override
+  public java.lang.String getStatusMessage() {
+    java.lang.Object ref = statusMessage_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      statusMessage_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Human-readable status of the operation, if any.
+   * </pre>
+   *
+   * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for statusMessage.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getStatusMessageBytes() {
+    java.lang.Object ref = statusMessage_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      statusMessage_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int REQUESTED_CANCELLATION_FIELD_NUMBER = 6;
+  private boolean requestedCancellation_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Identifies whether the user has requested cancellation
+   * of the operation. Operations that have successfully been cancelled
+   * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+   * corresponding to `Code.CANCELLED`.
+   * </pre>
+   *
+   * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The requestedCancellation.
+   */
+  @java.lang.Override
+  public boolean getRequestedCancellation() {
+    return requestedCancellation_;
+  }
+
+  public static final int API_VERSION_FIELD_NUMBER = 7;
+  private volatile java.lang.Object apiVersion_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. API version used to start the operation.
+   * </pre>
+   *
+   * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The apiVersion.
+   */
+  @java.lang.Override
+  public java.lang.String getApiVersion() {
+    java.lang.Object ref = apiVersion_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      apiVersion_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. API version used to start the operation.
+   * </pre>
+   *
+   * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for apiVersion.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getApiVersionBytes() {
+    java.lang.Object ref = apiVersion_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      apiVersion_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (createTime_ != null) {
+      output.writeMessage(1, getCreateTime());
+    }
+    if (endTime_ != null) {
+      output.writeMessage(2, getEndTime());
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(target_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, target_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(verb_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 4, verb_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(statusMessage_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 5, statusMessage_);
+    }
+    if (requestedCancellation_ != false) {
+      output.writeBool(6, requestedCancellation_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(apiVersion_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 7, apiVersion_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (createTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, getCreateTime());
+    }
+    if (endTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, getEndTime());
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(target_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, target_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(verb_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(4, verb_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(statusMessage_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(5, statusMessage_);
+    }
+    if (requestedCancellation_ != false) {
+      size += com.google.protobuf.CodedOutputStream.computeBoolSize(6, requestedCancellation_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(apiVersion_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(7, apiVersion_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.OperationMetadata)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.OperationMetadata other =
+        (com.google.cloud.networksecurity.v1.OperationMetadata) obj;
+
+    if (hasCreateTime() != other.hasCreateTime()) return false;
+    if (hasCreateTime()) {
+      if (!getCreateTime().equals(other.getCreateTime())) return false;
+    }
+    if (hasEndTime() != other.hasEndTime()) return false;
+    if (hasEndTime()) {
+      if (!getEndTime().equals(other.getEndTime())) return false;
+    }
+    if (!getTarget().equals(other.getTarget())) return false;
+    if (!getVerb().equals(other.getVerb())) return false;
+    if (!getStatusMessage().equals(other.getStatusMessage())) return false;
+    if (getRequestedCancellation() != other.getRequestedCancellation()) return false;
+    if (!getApiVersion().equals(other.getApiVersion())) return false;
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (hasCreateTime()) {
+      hash = (37 * hash) + CREATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getCreateTime().hashCode();
+    }
+    if (hasEndTime()) {
+      hash = (37 * hash) + END_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getEndTime().hashCode();
+    }
+    hash = (37 * hash) + TARGET_FIELD_NUMBER;
+    hash = (53 * hash) + getTarget().hashCode();
+    hash = (37 * hash) + VERB_FIELD_NUMBER;
+    hash = (53 * hash) + getVerb().hashCode();
+    hash = (37 * hash) + STATUS_MESSAGE_FIELD_NUMBER;
+    hash = (53 * hash) + getStatusMessage().hashCode();
+    hash = (37 * hash) + REQUESTED_CANCELLATION_FIELD_NUMBER;
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(getRequestedCancellation());
+    hash = (37 * hash) + API_VERSION_FIELD_NUMBER;
+    hash = (53 * hash) + getApiVersion().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.OperationMetadata prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Represents the metadata of the long-running operation.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.OperationMetadata}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.OperationMetadata)
+      com.google.cloud.networksecurity.v1.OperationMetadataOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.CommonProto
+          .internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.CommonProto
+          .internal_static_google_cloud_networksecurity_v1_OperationMetadata_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.OperationMetadata.class,
+              com.google.cloud.networksecurity.v1.OperationMetadata.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.OperationMetadata.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+      if (endTimeBuilder_ == null) {
+        endTime_ = null;
+      } else {
+        endTime_ = null;
+        endTimeBuilder_ = null;
+      }
+      target_ = "";
+
+      verb_ = "";
+
+      statusMessage_ = "";
+
+      requestedCancellation_ = false;
+
+      apiVersion_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.CommonProto
+          .internal_static_google_cloud_networksecurity_v1_OperationMetadata_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.OperationMetadata getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.OperationMetadata.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.OperationMetadata build() {
+      com.google.cloud.networksecurity.v1.OperationMetadata result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.OperationMetadata buildPartial() {
+      com.google.cloud.networksecurity.v1.OperationMetadata result =
+          new com.google.cloud.networksecurity.v1.OperationMetadata(this);
+      if (createTimeBuilder_ == null) {
+        result.createTime_ = createTime_;
+      } else {
+        result.createTime_ = createTimeBuilder_.build();
+      }
+      if (endTimeBuilder_ == null) {
+        result.endTime_ = endTime_;
+      } else {
+        result.endTime_ = endTimeBuilder_.build();
+      }
+      result.target_ = target_;
+      result.verb_ = verb_;
+      result.statusMessage_ = statusMessage_;
+      result.requestedCancellation_ = requestedCancellation_;
+      result.apiVersion_ = apiVersion_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.OperationMetadata) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.OperationMetadata) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.OperationMetadata other) {
+      if (other == com.google.cloud.networksecurity.v1.OperationMetadata.getDefaultInstance())
+        return this;
+      if (other.hasCreateTime()) {
+        mergeCreateTime(other.getCreateTime());
+      }
+      if (other.hasEndTime()) {
+        mergeEndTime(other.getEndTime());
+      }
+      if (!other.getTarget().isEmpty()) {
+        target_ = other.target_;
+        onChanged();
+      }
+      if (!other.getVerb().isEmpty()) {
+        verb_ = other.verb_;
+        onChanged();
+      }
+      if (!other.getStatusMessage().isEmpty()) {
+        statusMessage_ = other.statusMessage_;
+        onChanged();
+      }
+      if (other.getRequestedCancellation() != false) {
+        setRequestedCancellation(other.getRequestedCancellation());
+      }
+      if (!other.getApiVersion().isEmpty()) {
+        apiVersion_ = other.apiVersion_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.OperationMetadata parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.OperationMetadata) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp createTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        createTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the createTime field is set.
+     */
+    public boolean hasCreateTime() {
+      return createTimeBuilder_ != null || createTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The createTime.
+     */
+    public com.google.protobuf.Timestamp getCreateTime() {
+      if (createTimeBuilder_ == null) {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      } else {
+        return createTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        createTime_ = value;
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (createTimeBuilder_ == null) {
+        createTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (createTime_ != null) {
+          createTime_ =
+              com.google.protobuf.Timestamp.newBuilder(createTime_).mergeFrom(value).buildPartial();
+        } else {
+          createTime_ = value;
+        }
+        onChanged();
+      } else {
+        createTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearCreateTime() {
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+        onChanged();
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getCreateTimeBuilder() {
+
+      onChanged();
+      return getCreateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+      if (createTimeBuilder_ != null) {
+        return createTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getCreateTimeFieldBuilder() {
+      if (createTimeBuilder_ == null) {
+        createTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getCreateTime(), getParentForChildren(), isClean());
+        createTime_ = null;
+      }
+      return createTimeBuilder_;
+    }
+
+    private com.google.protobuf.Timestamp endTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        endTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the endTime field is set.
+     */
+    public boolean hasEndTime() {
+      return endTimeBuilder_ != null || endTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The endTime.
+     */
+    public com.google.protobuf.Timestamp getEndTime() {
+      if (endTimeBuilder_ == null) {
+        return endTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : endTime_;
+      } else {
+        return endTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setEndTime(com.google.protobuf.Timestamp value) {
+      if (endTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        endTime_ = value;
+        onChanged();
+      } else {
+        endTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setEndTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (endTimeBuilder_ == null) {
+        endTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        endTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeEndTime(com.google.protobuf.Timestamp value) {
+      if (endTimeBuilder_ == null) {
+        if (endTime_ != null) {
+          endTime_ =
+              com.google.protobuf.Timestamp.newBuilder(endTime_).mergeFrom(value).buildPartial();
+        } else {
+          endTime_ = value;
+        }
+        onChanged();
+      } else {
+        endTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearEndTime() {
+      if (endTimeBuilder_ == null) {
+        endTime_ = null;
+        onChanged();
+      } else {
+        endTime_ = null;
+        endTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getEndTimeBuilder() {
+
+      onChanged();
+      return getEndTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getEndTimeOrBuilder() {
+      if (endTimeBuilder_ != null) {
+        return endTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return endTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : endTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The time the operation finished running.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getEndTimeFieldBuilder() {
+      if (endTimeBuilder_ == null) {
+        endTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getEndTime(), getParentForChildren(), isClean());
+        endTime_ = null;
+      }
+      return endTimeBuilder_;
+    }
+
+    private java.lang.Object target_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Server-defined resource path for the target of the operation.
+     * </pre>
+     *
+     * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The target.
+     */
+    public java.lang.String getTarget() {
+      java.lang.Object ref = target_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        target_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Server-defined resource path for the target of the operation.
+     * </pre>
+     *
+     * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The bytes for target.
+     */
+    public com.google.protobuf.ByteString getTargetBytes() {
+      java.lang.Object ref = target_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        target_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Server-defined resource path for the target of the operation.
+     * </pre>
+     *
+     * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The target to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTarget(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      target_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Server-defined resource path for the target of the operation.
+     * </pre>
+     *
+     * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearTarget() {
+
+      target_ = getDefaultInstance().getTarget();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Server-defined resource path for the target of the operation.
+     * </pre>
+     *
+     * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The bytes for target to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTargetBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      target_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object verb_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Name of the verb executed by the operation.
+     * </pre>
+     *
+     * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The verb.
+     */
+    public java.lang.String getVerb() {
+      java.lang.Object ref = verb_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        verb_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Name of the verb executed by the operation.
+     * </pre>
+     *
+     * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The bytes for verb.
+     */
+    public com.google.protobuf.ByteString getVerbBytes() {
+      java.lang.Object ref = verb_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        verb_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Name of the verb executed by the operation.
+     * </pre>
+     *
+     * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The verb to set.
+     * @return This builder for chaining.
+     */
+    public Builder setVerb(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      verb_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Name of the verb executed by the operation.
+     * </pre>
+     *
+     * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearVerb() {
+
+      verb_ = getDefaultInstance().getVerb();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Name of the verb executed by the operation.
+     * </pre>
+     *
+     * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The bytes for verb to set.
+     * @return This builder for chaining.
+     */
+    public Builder setVerbBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      verb_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object statusMessage_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Human-readable status of the operation, if any.
+     * </pre>
+     *
+     * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The statusMessage.
+     */
+    public java.lang.String getStatusMessage() {
+      java.lang.Object ref = statusMessage_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        statusMessage_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Human-readable status of the operation, if any.
+     * </pre>
+     *
+     * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The bytes for statusMessage.
+     */
+    public com.google.protobuf.ByteString getStatusMessageBytes() {
+      java.lang.Object ref = statusMessage_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        statusMessage_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Human-readable status of the operation, if any.
+     * </pre>
+     *
+     * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The statusMessage to set.
+     * @return This builder for chaining.
+     */
+    public Builder setStatusMessage(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      statusMessage_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Human-readable status of the operation, if any.
+     * </pre>
+     *
+     * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearStatusMessage() {
+
+      statusMessage_ = getDefaultInstance().getStatusMessage();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Human-readable status of the operation, if any.
+     * </pre>
+     *
+     * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The bytes for statusMessage to set.
+     * @return This builder for chaining.
+     */
+    public Builder setStatusMessageBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      statusMessage_ = value;
+      onChanged();
+      return this;
+    }
+
+    private boolean requestedCancellation_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Identifies whether the user has requested cancellation
+     * of the operation. Operations that have successfully been cancelled
+     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+     * corresponding to `Code.CANCELLED`.
+     * </pre>
+     *
+     * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The requestedCancellation.
+     */
+    @java.lang.Override
+    public boolean getRequestedCancellation() {
+      return requestedCancellation_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Identifies whether the user has requested cancellation
+     * of the operation. Operations that have successfully been cancelled
+     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+     * corresponding to `Code.CANCELLED`.
+     * </pre>
+     *
+     * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The requestedCancellation to set.
+     * @return This builder for chaining.
+     */
+    public Builder setRequestedCancellation(boolean value) {
+
+      requestedCancellation_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. Identifies whether the user has requested cancellation
+     * of the operation. Operations that have successfully been cancelled
+     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+     * corresponding to `Code.CANCELLED`.
+     * </pre>
+     *
+     * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearRequestedCancellation() {
+
+      requestedCancellation_ = false;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object apiVersion_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Output only. API version used to start the operation.
+     * </pre>
+     *
+     * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The apiVersion.
+     */
+    public java.lang.String getApiVersion() {
+      java.lang.Object ref = apiVersion_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        apiVersion_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. API version used to start the operation.
+     * </pre>
+     *
+     * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return The bytes for apiVersion.
+     */
+    public com.google.protobuf.ByteString getApiVersionBytes() {
+      java.lang.Object ref = apiVersion_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        apiVersion_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. API version used to start the operation.
+     * </pre>
+     *
+     * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The apiVersion to set.
+     * @return This builder for chaining.
+     */
+    public Builder setApiVersion(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      apiVersion_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. API version used to start the operation.
+     * </pre>
+     *
+     * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearApiVersion() {
+
+      apiVersion_ = getDefaultInstance().getApiVersion();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. API version used to start the operation.
+     * </pre>
+     *
+     * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+     *
+     * @param value The bytes for apiVersion to set.
+     * @return This builder for chaining.
+     */
+    public Builder setApiVersionBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      apiVersion_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.OperationMetadata)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.OperationMetadata)
+  private static final com.google.cloud.networksecurity.v1.OperationMetadata DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.OperationMetadata();
+  }
+
+  public static com.google.cloud.networksecurity.v1.OperationMetadata getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<OperationMetadata> PARSER =
+      new com.google.protobuf.AbstractParser<OperationMetadata>() {
+        @java.lang.Override
+        public OperationMetadata parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new OperationMetadata(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<OperationMetadata> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<OperationMetadata> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.OperationMetadata getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadataOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadataOrBuilder.java
new file mode 100644
index 000000000000..29dbebc5f665
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/OperationMetadataOrBuilder.java
@@ -0,0 +1,217 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/common.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface OperationMetadataOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.OperationMetadata)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  boolean hasCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  com.google.protobuf.Timestamp getCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the endTime field is set.
+   */
+  boolean hasEndTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The endTime.
+   */
+  com.google.protobuf.Timestamp getEndTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The time the operation finished running.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp end_time = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getEndTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Server-defined resource path for the target of the operation.
+   * </pre>
+   *
+   * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The target.
+   */
+  java.lang.String getTarget();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Server-defined resource path for the target of the operation.
+   * </pre>
+   *
+   * <code>string target = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for target.
+   */
+  com.google.protobuf.ByteString getTargetBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Name of the verb executed by the operation.
+   * </pre>
+   *
+   * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The verb.
+   */
+  java.lang.String getVerb();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Name of the verb executed by the operation.
+   * </pre>
+   *
+   * <code>string verb = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for verb.
+   */
+  com.google.protobuf.ByteString getVerbBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Human-readable status of the operation, if any.
+   * </pre>
+   *
+   * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The statusMessage.
+   */
+  java.lang.String getStatusMessage();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Human-readable status of the operation, if any.
+   * </pre>
+   *
+   * <code>string status_message = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for statusMessage.
+   */
+  com.google.protobuf.ByteString getStatusMessageBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. Identifies whether the user has requested cancellation
+   * of the operation. Operations that have successfully been cancelled
+   * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+   * corresponding to `Code.CANCELLED`.
+   * </pre>
+   *
+   * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The requestedCancellation.
+   */
+  boolean getRequestedCancellation();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. API version used to start the operation.
+   * </pre>
+   *
+   * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The apiVersion.
+   */
+  java.lang.String getApiVersion();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. API version used to start the operation.
+   * </pre>
+   *
+   * <code>string api_version = 7 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
+   *
+   * @return The bytes for apiVersion.
+   */
+  com.google.protobuf.ByteString getApiVersionBytes();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicy.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicy.java
new file mode 100644
index 000000000000..d7dc77eb3838
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicy.java
@@ -0,0 +1,3566 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * ServerTlsPolicy is a resource that specifies how a server should authenticate
+ * incoming requests. This resource itself does not affect configuration unless
+ * it is attached to a target https proxy or endpoint config selector resource.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ServerTlsPolicy}
+ */
+public final class ServerTlsPolicy extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ServerTlsPolicy)
+    ServerTlsPolicyOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ServerTlsPolicy.newBuilder() to construct.
+  private ServerTlsPolicy(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ServerTlsPolicy() {
+    name_ = "";
+    description_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ServerTlsPolicy();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ServerTlsPolicy(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              name_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+
+              description_ = s;
+              break;
+            }
+          case 26:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (createTime_ != null) {
+                subBuilder = createTime_.toBuilder();
+              }
+              createTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(createTime_);
+                createTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 34:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (updateTime_ != null) {
+                subBuilder = updateTime_.toBuilder();
+              }
+              updateTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateTime_);
+                updateTime_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 42:
+            {
+              if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                labels_ =
+                    com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+                mutable_bitField0_ |= 0x00000001;
+              }
+              com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+                  input.readMessage(
+                      LabelsDefaultEntryHolder.defaultEntry.getParserForType(), extensionRegistry);
+              labels_.getMutableMap().put(labels__.getKey(), labels__.getValue());
+              break;
+            }
+          case 48:
+            {
+              allowOpen_ = input.readBool();
+              break;
+            }
+          case 58:
+            {
+              com.google.cloud.networksecurity.v1.CertificateProvider.Builder subBuilder = null;
+              if (serverCertificate_ != null) {
+                subBuilder = serverCertificate_.toBuilder();
+              }
+              serverCertificate_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.CertificateProvider.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(serverCertificate_);
+                serverCertificate_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 66:
+            {
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder subBuilder =
+                  null;
+              if (mtlsPolicy_ != null) {
+                subBuilder = mtlsPolicy_.toBuilder();
+              }
+              mtlsPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(mtlsPolicy_);
+                mtlsPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor;
+  }
+
+  @SuppressWarnings({"rawtypes"})
+  @java.lang.Override
+  protected com.google.protobuf.MapField internalGetMapField(int number) {
+    switch (number) {
+      case 5:
+        return internalGetLabels();
+      default:
+        throw new RuntimeException("Invalid map field number: " + number);
+    }
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.class,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder.class);
+  }
+
+  public interface MTLSPolicyOrBuilder
+      extends
+      // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+      com.google.protobuf.MessageOrBuilder {
+
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> getClientValidationCaList();
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    com.google.cloud.networksecurity.v1.ValidationCA getClientValidationCa(int index);
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    int getClientValidationCaCount();
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+        getClientValidationCaOrBuilderList();
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    com.google.cloud.networksecurity.v1.ValidationCAOrBuilder getClientValidationCaOrBuilder(
+        int index);
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of the MTLSPolicy.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy}
+   */
+  public static final class MTLSPolicy extends com.google.protobuf.GeneratedMessageV3
+      implements
+      // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+      MTLSPolicyOrBuilder {
+    private static final long serialVersionUID = 0L;
+    // Use MTLSPolicy.newBuilder() to construct.
+    private MTLSPolicy(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+      super(builder);
+    }
+
+    private MTLSPolicy() {
+      clientValidationCa_ = java.util.Collections.emptyList();
+    }
+
+    @java.lang.Override
+    @SuppressWarnings({"unused"})
+    protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+      return new MTLSPolicy();
+    }
+
+    @java.lang.Override
+    public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+      return this.unknownFields;
+    }
+
+    private MTLSPolicy(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      this();
+      if (extensionRegistry == null) {
+        throw new java.lang.NullPointerException();
+      }
+      int mutable_bitField0_ = 0;
+      com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+          com.google.protobuf.UnknownFieldSet.newBuilder();
+      try {
+        boolean done = false;
+        while (!done) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              done = true;
+              break;
+            case 10:
+              {
+                if (!((mutable_bitField0_ & 0x00000001) != 0)) {
+                  clientValidationCa_ =
+                      new java.util.ArrayList<com.google.cloud.networksecurity.v1.ValidationCA>();
+                  mutable_bitField0_ |= 0x00000001;
+                }
+                clientValidationCa_.add(
+                    input.readMessage(
+                        com.google.cloud.networksecurity.v1.ValidationCA.parser(),
+                        extensionRegistry));
+                break;
+              }
+            default:
+              {
+                if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                  done = true;
+                }
+                break;
+              }
+          }
+        }
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        throw e.setUnfinishedMessage(this);
+      } catch (com.google.protobuf.UninitializedMessageException e) {
+        throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+      } catch (java.io.IOException e) {
+        throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+      } finally {
+        if (((mutable_bitField0_ & 0x00000001) != 0)) {
+          clientValidationCa_ = java.util.Collections.unmodifiableList(clientValidationCa_);
+        }
+        this.unknownFields = unknownFields.build();
+        makeExtensionsImmutable();
+      }
+    }
+
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.class,
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder.class);
+    }
+
+    public static final int CLIENT_VALIDATION_CA_FIELD_NUMBER = 1;
+    private java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> clientValidationCa_;
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    @java.lang.Override
+    public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA>
+        getClientValidationCaList() {
+      return clientValidationCa_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    @java.lang.Override
+    public java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+        getClientValidationCaOrBuilderList() {
+      return clientValidationCa_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    @java.lang.Override
+    public int getClientValidationCaCount() {
+      return clientValidationCa_.size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ValidationCA getClientValidationCa(int index) {
+      return clientValidationCa_.get(index);
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines the mechanism to obtain the Certificate Authority certificate to
+     * validate the client certificate.
+     * </pre>
+     *
+     * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;</code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ValidationCAOrBuilder getClientValidationCaOrBuilder(
+        int index) {
+      return clientValidationCa_.get(index);
+    }
+
+    private byte memoizedIsInitialized = -1;
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      byte isInitialized = memoizedIsInitialized;
+      if (isInitialized == 1) return true;
+      if (isInitialized == 0) return false;
+
+      memoizedIsInitialized = 1;
+      return true;
+    }
+
+    @java.lang.Override
+    public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+      for (int i = 0; i < clientValidationCa_.size(); i++) {
+        output.writeMessage(1, clientValidationCa_.get(i));
+      }
+      unknownFields.writeTo(output);
+    }
+
+    @java.lang.Override
+    public int getSerializedSize() {
+      int size = memoizedSize;
+      if (size != -1) return size;
+
+      size = 0;
+      for (int i = 0; i < clientValidationCa_.size(); i++) {
+        size +=
+            com.google.protobuf.CodedOutputStream.computeMessageSize(1, clientValidationCa_.get(i));
+      }
+      size += unknownFields.getSerializedSize();
+      memoizedSize = size;
+      return size;
+    }
+
+    @java.lang.Override
+    public boolean equals(final java.lang.Object obj) {
+      if (obj == this) {
+        return true;
+      }
+      if (!(obj instanceof com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)) {
+        return super.equals(obj);
+      }
+      com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy other =
+          (com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy) obj;
+
+      if (!getClientValidationCaList().equals(other.getClientValidationCaList())) return false;
+      if (!unknownFields.equals(other.unknownFields)) return false;
+      return true;
+    }
+
+    @java.lang.Override
+    public int hashCode() {
+      if (memoizedHashCode != 0) {
+        return memoizedHashCode;
+      }
+      int hash = 41;
+      hash = (19 * hash) + getDescriptor().hashCode();
+      if (getClientValidationCaCount() > 0) {
+        hash = (37 * hash) + CLIENT_VALIDATION_CA_FIELD_NUMBER;
+        hash = (53 * hash) + getClientValidationCaList().hashCode();
+      }
+      hash = (29 * hash) + unknownFields.hashCode();
+      memoizedHashCode = hash;
+      return hash;
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        com.google.protobuf.ByteString data)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        com.google.protobuf.ByteString data,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return PARSER.parseFrom(data, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        java.io.InputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseDelimitedFrom(
+        java.io.InputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseDelimitedFrom(
+        java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parseFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+          PARSER, input, extensionRegistry);
+    }
+
+    @java.lang.Override
+    public Builder newBuilderForType() {
+      return newBuilder();
+    }
+
+    public static Builder newBuilder() {
+      return DEFAULT_INSTANCE.toBuilder();
+    }
+
+    public static Builder newBuilder(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy prototype) {
+      return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+    }
+
+    @java.lang.Override
+    public Builder toBuilder() {
+      return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+    }
+
+    @java.lang.Override
+    protected Builder newBuilderForType(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      Builder builder = new Builder(parent);
+      return builder;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Specification of the MTLSPolicy.
+     * </pre>
+     *
+     * Protobuf type {@code google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy}
+     */
+    public static final class Builder
+        extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+        implements
+        // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder {
+      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+        return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor;
+      }
+
+      @java.lang.Override
+      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+          internalGetFieldAccessorTable() {
+        return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_fieldAccessorTable
+            .ensureFieldAccessorsInitialized(
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.class,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder.class);
+      }
+
+      // Construct using com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.newBuilder()
+      private Builder() {
+        maybeForceBuilderInitialization();
+      }
+
+      private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+        super(parent);
+        maybeForceBuilderInitialization();
+      }
+
+      private void maybeForceBuilderInitialization() {
+        if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {
+          getClientValidationCaFieldBuilder();
+        }
+      }
+
+      @java.lang.Override
+      public Builder clear() {
+        super.clear();
+        if (clientValidationCaBuilder_ == null) {
+          clientValidationCa_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000001);
+        } else {
+          clientValidationCaBuilder_.clear();
+        }
+        return this;
+      }
+
+      @java.lang.Override
+      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+        return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+            .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy
+          getDefaultInstanceForType() {
+        return com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.getDefaultInstance();
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy build() {
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy result = buildPartial();
+        if (!result.isInitialized()) {
+          throw newUninitializedMessageException(result);
+        }
+        return result;
+      }
+
+      @java.lang.Override
+      public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy buildPartial() {
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy result =
+            new com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy(this);
+        int from_bitField0_ = bitField0_;
+        if (clientValidationCaBuilder_ == null) {
+          if (((bitField0_ & 0x00000001) != 0)) {
+            clientValidationCa_ = java.util.Collections.unmodifiableList(clientValidationCa_);
+            bitField0_ = (bitField0_ & ~0x00000001);
+          }
+          result.clientValidationCa_ = clientValidationCa_;
+        } else {
+          result.clientValidationCa_ = clientValidationCaBuilder_.build();
+        }
+        onBuilt();
+        return result;
+      }
+
+      @java.lang.Override
+      public Builder clone() {
+        return super.clone();
+      }
+
+      @java.lang.Override
+      public Builder setField(
+          com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+        return super.setField(field, value);
+      }
+
+      @java.lang.Override
+      public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+        return super.clearField(field);
+      }
+
+      @java.lang.Override
+      public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+        return super.clearOneof(oneof);
+      }
+
+      @java.lang.Override
+      public Builder setRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field,
+          int index,
+          java.lang.Object value) {
+        return super.setRepeatedField(field, index, value);
+      }
+
+      @java.lang.Override
+      public Builder addRepeatedField(
+          com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+        return super.addRepeatedField(field, value);
+      }
+
+      @java.lang.Override
+      public Builder mergeFrom(com.google.protobuf.Message other) {
+        if (other instanceof com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy) {
+          return mergeFrom((com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy) other);
+        } else {
+          super.mergeFrom(other);
+          return this;
+        }
+      }
+
+      public Builder mergeFrom(
+          com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy other) {
+        if (other
+            == com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.getDefaultInstance())
+          return this;
+        if (clientValidationCaBuilder_ == null) {
+          if (!other.clientValidationCa_.isEmpty()) {
+            if (clientValidationCa_.isEmpty()) {
+              clientValidationCa_ = other.clientValidationCa_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+            } else {
+              ensureClientValidationCaIsMutable();
+              clientValidationCa_.addAll(other.clientValidationCa_);
+            }
+            onChanged();
+          }
+        } else {
+          if (!other.clientValidationCa_.isEmpty()) {
+            if (clientValidationCaBuilder_.isEmpty()) {
+              clientValidationCaBuilder_.dispose();
+              clientValidationCaBuilder_ = null;
+              clientValidationCa_ = other.clientValidationCa_;
+              bitField0_ = (bitField0_ & ~0x00000001);
+              clientValidationCaBuilder_ =
+                  com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders
+                      ? getClientValidationCaFieldBuilder()
+                      : null;
+            } else {
+              clientValidationCaBuilder_.addAllMessages(other.clientValidationCa_);
+            }
+          }
+        }
+        this.mergeUnknownFields(other.unknownFields);
+        onChanged();
+        return this;
+      }
+
+      @java.lang.Override
+      public final boolean isInitialized() {
+        return true;
+      }
+
+      @java.lang.Override
+      public Builder mergeFrom(
+          com.google.protobuf.CodedInputStream input,
+          com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy parsedMessage = null;
+        try {
+          parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+        } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+          parsedMessage =
+              (com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+                  e.getUnfinishedMessage();
+          throw e.unwrapIOException();
+        } finally {
+          if (parsedMessage != null) {
+            mergeFrom(parsedMessage);
+          }
+        }
+        return this;
+      }
+
+      private int bitField0_;
+
+      private java.util.List<com.google.cloud.networksecurity.v1.ValidationCA> clientValidationCa_ =
+          java.util.Collections.emptyList();
+
+      private void ensureClientValidationCaIsMutable() {
+        if (!((bitField0_ & 0x00000001) != 0)) {
+          clientValidationCa_ =
+              new java.util.ArrayList<com.google.cloud.networksecurity.v1.ValidationCA>(
+                  clientValidationCa_);
+          bitField0_ |= 0x00000001;
+        }
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.ValidationCA,
+              com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+              com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+          clientValidationCaBuilder_;
+
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA>
+          getClientValidationCaList() {
+        if (clientValidationCaBuilder_ == null) {
+          return java.util.Collections.unmodifiableList(clientValidationCa_);
+        } else {
+          return clientValidationCaBuilder_.getMessageList();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public int getClientValidationCaCount() {
+        if (clientValidationCaBuilder_ == null) {
+          return clientValidationCa_.size();
+        } else {
+          return clientValidationCaBuilder_.getCount();
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.ValidationCA getClientValidationCa(int index) {
+        if (clientValidationCaBuilder_ == null) {
+          return clientValidationCa_.get(index);
+        } else {
+          return clientValidationCaBuilder_.getMessage(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder setClientValidationCa(
+          int index, com.google.cloud.networksecurity.v1.ValidationCA value) {
+        if (clientValidationCaBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.set(index, value);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.setMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder setClientValidationCa(
+          int index, com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+        if (clientValidationCaBuilder_ == null) {
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.set(index, builderForValue.build());
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.setMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder addClientValidationCa(com.google.cloud.networksecurity.v1.ValidationCA value) {
+        if (clientValidationCaBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.add(value);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.addMessage(value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder addClientValidationCa(
+          int index, com.google.cloud.networksecurity.v1.ValidationCA value) {
+        if (clientValidationCaBuilder_ == null) {
+          if (value == null) {
+            throw new NullPointerException();
+          }
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.add(index, value);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.addMessage(index, value);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder addClientValidationCa(
+          com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+        if (clientValidationCaBuilder_ == null) {
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.add(builderForValue.build());
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.addMessage(builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder addClientValidationCa(
+          int index, com.google.cloud.networksecurity.v1.ValidationCA.Builder builderForValue) {
+        if (clientValidationCaBuilder_ == null) {
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.add(index, builderForValue.build());
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.addMessage(index, builderForValue.build());
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder addAllClientValidationCa(
+          java.lang.Iterable<? extends com.google.cloud.networksecurity.v1.ValidationCA> values) {
+        if (clientValidationCaBuilder_ == null) {
+          ensureClientValidationCaIsMutable();
+          com.google.protobuf.AbstractMessageLite.Builder.addAll(values, clientValidationCa_);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.addAllMessages(values);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder clearClientValidationCa() {
+        if (clientValidationCaBuilder_ == null) {
+          clientValidationCa_ = java.util.Collections.emptyList();
+          bitField0_ = (bitField0_ & ~0x00000001);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.clear();
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public Builder removeClientValidationCa(int index) {
+        if (clientValidationCaBuilder_ == null) {
+          ensureClientValidationCaIsMutable();
+          clientValidationCa_.remove(index);
+          onChanged();
+        } else {
+          clientValidationCaBuilder_.remove(index);
+        }
+        return this;
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.ValidationCA.Builder getClientValidationCaBuilder(
+          int index) {
+        return getClientValidationCaFieldBuilder().getBuilder(index);
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.ValidationCAOrBuilder
+          getClientValidationCaOrBuilder(int index) {
+        if (clientValidationCaBuilder_ == null) {
+          return clientValidationCa_.get(index);
+        } else {
+          return clientValidationCaBuilder_.getMessageOrBuilder(index);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public java.util.List<? extends com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+          getClientValidationCaOrBuilderList() {
+        if (clientValidationCaBuilder_ != null) {
+          return clientValidationCaBuilder_.getMessageOrBuilderList();
+        } else {
+          return java.util.Collections.unmodifiableList(clientValidationCa_);
+        }
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.ValidationCA.Builder
+          addClientValidationCaBuilder() {
+        return getClientValidationCaFieldBuilder()
+            .addBuilder(com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public com.google.cloud.networksecurity.v1.ValidationCA.Builder addClientValidationCaBuilder(
+          int index) {
+        return getClientValidationCaFieldBuilder()
+            .addBuilder(
+                index, com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance());
+      }
+      /**
+       *
+       *
+       * <pre>
+       * Defines the mechanism to obtain the Certificate Authority certificate to
+       * validate the client certificate.
+       * </pre>
+       *
+       * <code>repeated .google.cloud.networksecurity.v1.ValidationCA client_validation_ca = 1;
+       * </code>
+       */
+      public java.util.List<com.google.cloud.networksecurity.v1.ValidationCA.Builder>
+          getClientValidationCaBuilderList() {
+        return getClientValidationCaFieldBuilder().getBuilderList();
+      }
+
+      private com.google.protobuf.RepeatedFieldBuilderV3<
+              com.google.cloud.networksecurity.v1.ValidationCA,
+              com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+              com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>
+          getClientValidationCaFieldBuilder() {
+        if (clientValidationCaBuilder_ == null) {
+          clientValidationCaBuilder_ =
+              new com.google.protobuf.RepeatedFieldBuilderV3<
+                  com.google.cloud.networksecurity.v1.ValidationCA,
+                  com.google.cloud.networksecurity.v1.ValidationCA.Builder,
+                  com.google.cloud.networksecurity.v1.ValidationCAOrBuilder>(
+                  clientValidationCa_,
+                  ((bitField0_ & 0x00000001) != 0),
+                  getParentForChildren(),
+                  isClean());
+          clientValidationCa_ = null;
+        }
+        return clientValidationCaBuilder_;
+      }
+
+      @java.lang.Override
+      public final Builder setUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.setUnknownFields(unknownFields);
+      }
+
+      @java.lang.Override
+      public final Builder mergeUnknownFields(
+          final com.google.protobuf.UnknownFieldSet unknownFields) {
+        return super.mergeUnknownFields(unknownFields);
+      }
+
+      // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+    }
+
+    // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy)
+    private static final com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy
+        DEFAULT_INSTANCE;
+
+    static {
+      DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy();
+    }
+
+    public static com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy
+        getDefaultInstance() {
+      return DEFAULT_INSTANCE;
+    }
+
+    private static final com.google.protobuf.Parser<MTLSPolicy> PARSER =
+        new com.google.protobuf.AbstractParser<MTLSPolicy>() {
+          @java.lang.Override
+          public MTLSPolicy parsePartialFrom(
+              com.google.protobuf.CodedInputStream input,
+              com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+              throws com.google.protobuf.InvalidProtocolBufferException {
+            return new MTLSPolicy(input, extensionRegistry);
+          }
+        };
+
+    public static com.google.protobuf.Parser<MTLSPolicy> parser() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Parser<MTLSPolicy> getParserForType() {
+      return PARSER;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy
+        getDefaultInstanceForType() {
+      return DEFAULT_INSTANCE;
+    }
+  }
+
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  @java.lang.Override
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DESCRIPTION_FIELD_NUMBER = 2;
+  private volatile java.lang.Object description_;
+  /**
+   *
+   *
+   * <pre>
+   * Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2;</code>
+   *
+   * @return The description.
+   */
+  @java.lang.Override
+  public java.lang.String getDescription() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      description_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2;</code>
+   *
+   * @return The bytes for description.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getDescriptionBytes() {
+    java.lang.Object ref = description_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      description_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int CREATE_TIME_FIELD_NUMBER = 3;
+  private com.google.protobuf.Timestamp createTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasCreateTime() {
+    return createTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getCreateTime() {
+    return createTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : createTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+    return getCreateTime();
+  }
+
+  public static final int UPDATE_TIME_FIELD_NUMBER = 4;
+  private com.google.protobuf.Timestamp updateTime_;
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateTime() {
+    return updateTime_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  @java.lang.Override
+  public com.google.protobuf.Timestamp getUpdateTime() {
+    return updateTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : updateTime_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+    return getUpdateTime();
+  }
+
+  public static final int LABELS_FIELD_NUMBER = 5;
+
+  private static final class LabelsDefaultEntryHolder {
+    static final com.google.protobuf.MapEntry<java.lang.String, java.lang.String> defaultEntry =
+        com.google.protobuf.MapEntry.<java.lang.String, java.lang.String>newDefaultInstance(
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+                .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_descriptor,
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "",
+            com.google.protobuf.WireFormat.FieldType.STRING,
+            "");
+  }
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+  private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+    if (labels_ == null) {
+      return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+    }
+    return labels_;
+  }
+
+  public int getLabelsCount() {
+    return internalGetLabels().getMap().size();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  @java.lang.Override
+  public boolean containsLabels(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    return internalGetLabels().getMap().containsKey(key);
+  }
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Override
+  @java.lang.Deprecated
+  public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+    return getLabelsMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  @java.lang.Override
+  public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+    return internalGetLabels().getMap();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrDefault(java.lang.String key, java.lang.String defaultValue) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    return map.containsKey(key) ? map.get(key) : defaultValue;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  @java.lang.Override
+  public java.lang.String getLabelsOrThrow(java.lang.String key) {
+    if (key == null) {
+      throw new NullPointerException("map key");
+    }
+    java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+    if (!map.containsKey(key)) {
+      throw new java.lang.IllegalArgumentException();
+    }
+    return map.get(key);
+  }
+
+  public static final int ALLOW_OPEN_FIELD_NUMBER = 6;
+  private boolean allowOpen_;
+  /**
+   *
+   *
+   * <pre>
+   * Determines if server allows plaintext connections. If set to true, server
+   * allows plain text connections. By default, it is set to false. This setting
+   * is not exclusive of other encryption modes. For example, if `allow_open`
+   * and `mtls_policy` are set, server allows both plain text and mTLS
+   * connections. See documentation of other encryption modes to confirm
+   * compatibility.
+   * Consider using it if you wish to upgrade in place your deployment to TLS
+   * while having mixed TLS and non-TLS traffic reaching port :80.
+   * </pre>
+   *
+   * <code>bool allow_open = 6;</code>
+   *
+   * @return The allowOpen.
+   */
+  @java.lang.Override
+  public boolean getAllowOpen() {
+    return allowOpen_;
+  }
+
+  public static final int SERVER_CERTIFICATE_FIELD_NUMBER = 7;
+  private com.google.cloud.networksecurity.v1.CertificateProvider serverCertificate_;
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   *
+   * @return Whether the serverCertificate field is set.
+   */
+  @java.lang.Override
+  public boolean hasServerCertificate() {
+    return serverCertificate_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   *
+   * @return The serverCertificate.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProvider getServerCertificate() {
+    return serverCertificate_ == null
+        ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+        : serverCertificate_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder
+      getServerCertificateOrBuilder() {
+    return getServerCertificate();
+  }
+
+  public static final int MTLS_POLICY_FIELD_NUMBER = 8;
+  private com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtlsPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   *
+   * @return Whether the mtlsPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasMtlsPolicy() {
+    return mtlsPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   *
+   * @return The mtlsPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy getMtlsPolicy() {
+    return mtlsPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.getDefaultInstance()
+        : mtlsPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder
+      getMtlsPolicyOrBuilder() {
+    return getMtlsPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, description_);
+    }
+    if (createTime_ != null) {
+      output.writeMessage(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      output.writeMessage(4, getUpdateTime());
+    }
+    com.google.protobuf.GeneratedMessageV3.serializeStringMapTo(
+        output, internalGetLabels(), LabelsDefaultEntryHolder.defaultEntry, 5);
+    if (allowOpen_ != false) {
+      output.writeBool(6, allowOpen_);
+    }
+    if (serverCertificate_ != null) {
+      output.writeMessage(7, getServerCertificate());
+    }
+    if (mtlsPolicy_ != null) {
+      output.writeMessage(8, getMtlsPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(description_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, description_);
+    }
+    if (createTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getCreateTime());
+    }
+    if (updateTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(4, getUpdateTime());
+    }
+    for (java.util.Map.Entry<java.lang.String, java.lang.String> entry :
+        internalGetLabels().getMap().entrySet()) {
+      com.google.protobuf.MapEntry<java.lang.String, java.lang.String> labels__ =
+          LabelsDefaultEntryHolder.defaultEntry
+              .newBuilderForType()
+              .setKey(entry.getKey())
+              .setValue(entry.getValue())
+              .build();
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(5, labels__);
+    }
+    if (allowOpen_ != false) {
+      size += com.google.protobuf.CodedOutputStream.computeBoolSize(6, allowOpen_);
+    }
+    if (serverCertificate_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(7, getServerCertificate());
+    }
+    if (mtlsPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(8, getMtlsPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ServerTlsPolicy)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ServerTlsPolicy other =
+        (com.google.cloud.networksecurity.v1.ServerTlsPolicy) obj;
+
+    if (!getName().equals(other.getName())) return false;
+    if (!getDescription().equals(other.getDescription())) return false;
+    if (hasCreateTime() != other.hasCreateTime()) return false;
+    if (hasCreateTime()) {
+      if (!getCreateTime().equals(other.getCreateTime())) return false;
+    }
+    if (hasUpdateTime() != other.hasUpdateTime()) return false;
+    if (hasUpdateTime()) {
+      if (!getUpdateTime().equals(other.getUpdateTime())) return false;
+    }
+    if (!internalGetLabels().equals(other.internalGetLabels())) return false;
+    if (getAllowOpen() != other.getAllowOpen()) return false;
+    if (hasServerCertificate() != other.hasServerCertificate()) return false;
+    if (hasServerCertificate()) {
+      if (!getServerCertificate().equals(other.getServerCertificate())) return false;
+    }
+    if (hasMtlsPolicy() != other.hasMtlsPolicy()) return false;
+    if (hasMtlsPolicy()) {
+      if (!getMtlsPolicy().equals(other.getMtlsPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    hash = (37 * hash) + DESCRIPTION_FIELD_NUMBER;
+    hash = (53 * hash) + getDescription().hashCode();
+    if (hasCreateTime()) {
+      hash = (37 * hash) + CREATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getCreateTime().hashCode();
+    }
+    if (hasUpdateTime()) {
+      hash = (37 * hash) + UPDATE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateTime().hashCode();
+    }
+    if (!internalGetLabels().getMap().isEmpty()) {
+      hash = (37 * hash) + LABELS_FIELD_NUMBER;
+      hash = (53 * hash) + internalGetLabels().hashCode();
+    }
+    hash = (37 * hash) + ALLOW_OPEN_FIELD_NUMBER;
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(getAllowOpen());
+    if (hasServerCertificate()) {
+      hash = (37 * hash) + SERVER_CERTIFICATE_FIELD_NUMBER;
+      hash = (53 * hash) + getServerCertificate().hashCode();
+    }
+    if (hasMtlsPolicy()) {
+      hash = (37 * hash) + MTLS_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getMtlsPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(com.google.cloud.networksecurity.v1.ServerTlsPolicy prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * ServerTlsPolicy is a resource that specifies how a server should authenticate
+   * incoming requests. This resource itself does not affect configuration unless
+   * it is attached to a target https proxy or endpoint config selector resource.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ServerTlsPolicy}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ServerTlsPolicy)
+      com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor;
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @SuppressWarnings({"rawtypes"})
+    protected com.google.protobuf.MapField internalGetMutableMapField(int number) {
+      switch (number) {
+        case 5:
+          return internalGetMutableLabels();
+        default:
+          throw new RuntimeException("Invalid map field number: " + number);
+      }
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.class,
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.ServerTlsPolicy.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      description_ = "";
+
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+      internalGetMutableLabels().clear();
+      allowOpen_ = false;
+
+      if (serverCertificateBuilder_ == null) {
+        serverCertificate_ = null;
+      } else {
+        serverCertificate_ = null;
+        serverCertificateBuilder_ = null;
+      }
+      if (mtlsPolicyBuilder_ == null) {
+        mtlsPolicy_ = null;
+      } else {
+        mtlsPolicy_ = null;
+        mtlsPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy build() {
+      com.google.cloud.networksecurity.v1.ServerTlsPolicy result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy buildPartial() {
+      com.google.cloud.networksecurity.v1.ServerTlsPolicy result =
+          new com.google.cloud.networksecurity.v1.ServerTlsPolicy(this);
+      int from_bitField0_ = bitField0_;
+      result.name_ = name_;
+      result.description_ = description_;
+      if (createTimeBuilder_ == null) {
+        result.createTime_ = createTime_;
+      } else {
+        result.createTime_ = createTimeBuilder_.build();
+      }
+      if (updateTimeBuilder_ == null) {
+        result.updateTime_ = updateTime_;
+      } else {
+        result.updateTime_ = updateTimeBuilder_.build();
+      }
+      result.labels_ = internalGetLabels();
+      result.labels_.makeImmutable();
+      result.allowOpen_ = allowOpen_;
+      if (serverCertificateBuilder_ == null) {
+        result.serverCertificate_ = serverCertificate_;
+      } else {
+        result.serverCertificate_ = serverCertificateBuilder_.build();
+      }
+      if (mtlsPolicyBuilder_ == null) {
+        result.mtlsPolicy_ = mtlsPolicy_;
+      } else {
+        result.mtlsPolicy_ = mtlsPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ServerTlsPolicy) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ServerTlsPolicy) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.ServerTlsPolicy other) {
+      if (other == com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance())
+        return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.getDescription().isEmpty()) {
+        description_ = other.description_;
+        onChanged();
+      }
+      if (other.hasCreateTime()) {
+        mergeCreateTime(other.getCreateTime());
+      }
+      if (other.hasUpdateTime()) {
+        mergeUpdateTime(other.getUpdateTime());
+      }
+      internalGetMutableLabels().mergeFrom(other.internalGetLabels());
+      if (other.getAllowOpen() != false) {
+        setAllowOpen(other.getAllowOpen());
+      }
+      if (other.hasServerCertificate()) {
+        mergeServerCertificate(other.getServerCertificate());
+      }
+      if (other.hasMtlsPolicy()) {
+        mergeMtlsPolicy(other.getMtlsPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ServerTlsPolicy parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.ServerTlsPolicy) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The name.
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return The bytes for name.
+     */
+    public com.google.protobuf.ByteString getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setName(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearName() {
+
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+     * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+     * </pre>
+     *
+     * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+     *
+     * @param value The bytes for name to set.
+     * @return This builder for chaining.
+     */
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object description_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2;</code>
+     *
+     * @return The description.
+     */
+    public java.lang.String getDescription() {
+      java.lang.Object ref = description_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        description_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2;</code>
+     *
+     * @return The bytes for description.
+     */
+    public com.google.protobuf.ByteString getDescriptionBytes() {
+      java.lang.Object ref = description_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        description_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2;</code>
+     *
+     * @param value The description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescription(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearDescription() {
+
+      description_ = getDefaultInstance().getDescription();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Free-text description of the resource.
+     * </pre>
+     *
+     * <code>string description = 2;</code>
+     *
+     * @param value The bytes for description to set.
+     * @return This builder for chaining.
+     */
+    public Builder setDescriptionBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      description_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp createTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        createTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the createTime field is set.
+     */
+    public boolean hasCreateTime() {
+      return createTimeBuilder_ != null || createTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The createTime.
+     */
+    public com.google.protobuf.Timestamp getCreateTime() {
+      if (createTimeBuilder_ == null) {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      } else {
+        return createTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        createTime_ = value;
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setCreateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (createTimeBuilder_ == null) {
+        createTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        createTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeCreateTime(com.google.protobuf.Timestamp value) {
+      if (createTimeBuilder_ == null) {
+        if (createTime_ != null) {
+          createTime_ =
+              com.google.protobuf.Timestamp.newBuilder(createTime_).mergeFrom(value).buildPartial();
+        } else {
+          createTime_ = value;
+        }
+        onChanged();
+      } else {
+        createTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearCreateTime() {
+      if (createTimeBuilder_ == null) {
+        createTime_ = null;
+        onChanged();
+      } else {
+        createTime_ = null;
+        createTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getCreateTimeBuilder() {
+
+      onChanged();
+      return getCreateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
+      if (createTimeBuilder_ != null) {
+        return createTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return createTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : createTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was created.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getCreateTimeFieldBuilder() {
+      if (createTimeBuilder_ == null) {
+        createTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getCreateTime(), getParentForChildren(), isClean());
+        createTime_ = null;
+      }
+      return createTimeBuilder_;
+    }
+
+    private com.google.protobuf.Timestamp updateTime_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        updateTimeBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return Whether the updateTime field is set.
+     */
+    public boolean hasUpdateTime() {
+      return updateTimeBuilder_ != null || updateTime_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     *
+     * @return The updateTime.
+     */
+    public com.google.protobuf.Timestamp getUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      } else {
+        return updateTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateTime_ = value;
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder setUpdateTime(com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder mergeUpdateTime(com.google.protobuf.Timestamp value) {
+      if (updateTimeBuilder_ == null) {
+        if (updateTime_ != null) {
+          updateTime_ =
+              com.google.protobuf.Timestamp.newBuilder(updateTime_).mergeFrom(value).buildPartial();
+        } else {
+          updateTime_ = value;
+        }
+        onChanged();
+      } else {
+        updateTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public Builder clearUpdateTime() {
+      if (updateTimeBuilder_ == null) {
+        updateTime_ = null;
+        onChanged();
+      } else {
+        updateTime_ = null;
+        updateTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.Timestamp.Builder getUpdateTimeBuilder() {
+
+      onChanged();
+      return getUpdateTimeFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder() {
+      if (updateTimeBuilder_ != null) {
+        return updateTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return updateTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : updateTime_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Output only. The timestamp when the resource was updated.
+     * </pre>
+     *
+     * <code>
+     * .google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        getUpdateTimeFieldBuilder() {
+      if (updateTimeBuilder_ == null) {
+        updateTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getUpdateTime(), getParentForChildren(), isClean());
+        updateTime_ = null;
+      }
+      return updateTimeBuilder_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> labels_;
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String> internalGetLabels() {
+      if (labels_ == null) {
+        return com.google.protobuf.MapField.emptyMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      return labels_;
+    }
+
+    private com.google.protobuf.MapField<java.lang.String, java.lang.String>
+        internalGetMutableLabels() {
+      onChanged();
+      ;
+      if (labels_ == null) {
+        labels_ = com.google.protobuf.MapField.newMapField(LabelsDefaultEntryHolder.defaultEntry);
+      }
+      if (!labels_.isMutable()) {
+        labels_ = labels_.copy();
+      }
+      return labels_;
+    }
+
+    public int getLabelsCount() {
+      return internalGetLabels().getMap().size();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    @java.lang.Override
+    public boolean containsLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      return internalGetLabels().getMap().containsKey(key);
+    }
+    /** Use {@link #getLabelsMap()} instead. */
+    @java.lang.Override
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getLabels() {
+      return getLabelsMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    @java.lang.Override
+    public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
+      return internalGetLabels().getMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrDefault(
+        java.lang.String key, java.lang.String defaultValue) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      return map.containsKey(key) ? map.get(key) : defaultValue;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    @java.lang.Override
+    public java.lang.String getLabelsOrThrow(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      java.util.Map<java.lang.String, java.lang.String> map = internalGetLabels().getMap();
+      if (!map.containsKey(key)) {
+        throw new java.lang.IllegalArgumentException();
+      }
+      return map.get(key);
+    }
+
+    public Builder clearLabels() {
+      internalGetMutableLabels().getMutableMap().clear();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    public Builder removeLabels(java.lang.String key) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      internalGetMutableLabels().getMutableMap().remove(key);
+      return this;
+    }
+    /** Use alternate mutation accessors instead. */
+    @java.lang.Deprecated
+    public java.util.Map<java.lang.String, java.lang.String> getMutableLabels() {
+      return internalGetMutableLabels().getMutableMap();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    public Builder putLabels(java.lang.String key, java.lang.String value) {
+      if (key == null) {
+        throw new NullPointerException("map key");
+      }
+      if (value == null) {
+        throw new NullPointerException("map value");
+      }
+
+      internalGetMutableLabels().getMutableMap().put(key, value);
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Set of label tags associated with the resource.
+     * </pre>
+     *
+     * <code>map&lt;string, string&gt; labels = 5;</code>
+     */
+    public Builder putAllLabels(java.util.Map<java.lang.String, java.lang.String> values) {
+      internalGetMutableLabels().getMutableMap().putAll(values);
+      return this;
+    }
+
+    private boolean allowOpen_;
+    /**
+     *
+     *
+     * <pre>
+     * Determines if server allows plaintext connections. If set to true, server
+     * allows plain text connections. By default, it is set to false. This setting
+     * is not exclusive of other encryption modes. For example, if `allow_open`
+     * and `mtls_policy` are set, server allows both plain text and mTLS
+     * connections. See documentation of other encryption modes to confirm
+     * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
+     * </pre>
+     *
+     * <code>bool allow_open = 6;</code>
+     *
+     * @return The allowOpen.
+     */
+    @java.lang.Override
+    public boolean getAllowOpen() {
+      return allowOpen_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Determines if server allows plaintext connections. If set to true, server
+     * allows plain text connections. By default, it is set to false. This setting
+     * is not exclusive of other encryption modes. For example, if `allow_open`
+     * and `mtls_policy` are set, server allows both plain text and mTLS
+     * connections. See documentation of other encryption modes to confirm
+     * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
+     * </pre>
+     *
+     * <code>bool allow_open = 6;</code>
+     *
+     * @param value The allowOpen to set.
+     * @return This builder for chaining.
+     */
+    public Builder setAllowOpen(boolean value) {
+
+      allowOpen_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Determines if server allows plaintext connections. If set to true, server
+     * allows plain text connections. By default, it is set to false. This setting
+     * is not exclusive of other encryption modes. For example, if `allow_open`
+     * and `mtls_policy` are set, server allows both plain text and mTLS
+     * connections. See documentation of other encryption modes to confirm
+     * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
+     * </pre>
+     *
+     * <code>bool allow_open = 6;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearAllowOpen() {
+
+      allowOpen_ = false;
+      onChanged();
+      return this;
+    }
+
+    private com.google.cloud.networksecurity.v1.CertificateProvider serverCertificate_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProvider,
+            com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>
+        serverCertificateBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     *
+     * @return Whether the serverCertificate field is set.
+     */
+    public boolean hasServerCertificate() {
+      return serverCertificateBuilder_ != null || serverCertificate_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     *
+     * @return The serverCertificate.
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProvider getServerCertificate() {
+      if (serverCertificateBuilder_ == null) {
+        return serverCertificate_ == null
+            ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+            : serverCertificate_;
+      } else {
+        return serverCertificateBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public Builder setServerCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider value) {
+      if (serverCertificateBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        serverCertificate_ = value;
+        onChanged();
+      } else {
+        serverCertificateBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public Builder setServerCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider.Builder builderForValue) {
+      if (serverCertificateBuilder_ == null) {
+        serverCertificate_ = builderForValue.build();
+        onChanged();
+      } else {
+        serverCertificateBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public Builder mergeServerCertificate(
+        com.google.cloud.networksecurity.v1.CertificateProvider value) {
+      if (serverCertificateBuilder_ == null) {
+        if (serverCertificate_ != null) {
+          serverCertificate_ =
+              com.google.cloud.networksecurity.v1.CertificateProvider.newBuilder(serverCertificate_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          serverCertificate_ = value;
+        }
+        onChanged();
+      } else {
+        serverCertificateBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public Builder clearServerCertificate() {
+      if (serverCertificateBuilder_ == null) {
+        serverCertificate_ = null;
+        onChanged();
+      } else {
+        serverCertificate_ = null;
+        serverCertificateBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProvider.Builder
+        getServerCertificateBuilder() {
+
+      onChanged();
+      return getServerCertificateFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder
+        getServerCertificateOrBuilder() {
+      if (serverCertificateBuilder_ != null) {
+        return serverCertificateBuilder_.getMessageOrBuilder();
+      } else {
+        return serverCertificate_ == null
+            ? com.google.cloud.networksecurity.v1.CertificateProvider.getDefaultInstance()
+            : serverCertificate_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision server identity (public and private keys).
+     * Cannot be combined with `allow_open` as a permissive mode that allows both
+     * plain text and TLS is not supported.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProvider,
+            com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>
+        getServerCertificateFieldBuilder() {
+      if (serverCertificateBuilder_ == null) {
+        serverCertificateBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.CertificateProvider,
+                com.google.cloud.networksecurity.v1.CertificateProvider.Builder,
+                com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder>(
+                getServerCertificate(), getParentForChildren(), isClean());
+        serverCertificate_ = null;
+      }
+      return serverCertificateBuilder_;
+    }
+
+    private com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtlsPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder>
+        mtlsPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     *
+     * @return Whether the mtlsPolicy field is set.
+     */
+    public boolean hasMtlsPolicy() {
+      return mtlsPolicyBuilder_ != null || mtlsPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     *
+     * @return The mtlsPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy getMtlsPolicy() {
+      if (mtlsPolicyBuilder_ == null) {
+        return mtlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.getDefaultInstance()
+            : mtlsPolicy_;
+      } else {
+        return mtlsPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public Builder setMtlsPolicy(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy value) {
+      if (mtlsPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        mtlsPolicy_ = value;
+        onChanged();
+      } else {
+        mtlsPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public Builder setMtlsPolicy(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder builderForValue) {
+      if (mtlsPolicyBuilder_ == null) {
+        mtlsPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        mtlsPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public Builder mergeMtlsPolicy(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy value) {
+      if (mtlsPolicyBuilder_ == null) {
+        if (mtlsPolicy_ != null) {
+          mtlsPolicy_ =
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.newBuilder(mtlsPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          mtlsPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        mtlsPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public Builder clearMtlsPolicy() {
+      if (mtlsPolicyBuilder_ == null) {
+        mtlsPolicy_ = null;
+        onChanged();
+      } else {
+        mtlsPolicy_ = null;
+        mtlsPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder
+        getMtlsPolicyBuilder() {
+
+      onChanged();
+      return getMtlsPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder
+        getMtlsPolicyOrBuilder() {
+      if (mtlsPolicyBuilder_ != null) {
+        return mtlsPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return mtlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.getDefaultInstance()
+            : mtlsPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Defines a mechanism to provision peer validation certificates for peer to
+     * peer authentication (Mutual TLS - mTLS). If not specified, client
+     * certificate will not be requested. The connection is treated as TLS and not
+     * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+     * text and mTLS connections.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder>
+        getMtlsPolicyFieldBuilder() {
+      if (mtlsPolicyBuilder_ == null) {
+        mtlsPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder>(
+                getMtlsPolicy(), getParentForChildren(), isClean());
+        mtlsPolicy_ = null;
+      }
+      return mtlsPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ServerTlsPolicy)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ServerTlsPolicy)
+  private static final com.google.cloud.networksecurity.v1.ServerTlsPolicy DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ServerTlsPolicy();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ServerTlsPolicy getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ServerTlsPolicy> PARSER =
+      new com.google.protobuf.AbstractParser<ServerTlsPolicy>() {
+        @java.lang.Override
+        public ServerTlsPolicy parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ServerTlsPolicy(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ServerTlsPolicy> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ServerTlsPolicy> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyName.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyName.java
new file mode 100644
index 000000000000..f5bbd6a6c9e1
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyName.java
@@ -0,0 +1,227 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1;
+
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+@Generated("by gapic-generator-java")
+public class ServerTlsPolicyName implements ResourceName {
+  private static final PathTemplate PROJECT_LOCATION_SERVER_TLS_POLICY =
+      PathTemplate.createWithoutUrlEncoding(
+          "projects/{project}/locations/{location}/serverTlsPolicies/{server_tls_policy}");
+  private volatile Map<String, String> fieldValuesMap;
+  private final String project;
+  private final String location;
+  private final String serverTlsPolicy;
+
+  @Deprecated
+  protected ServerTlsPolicyName() {
+    project = null;
+    location = null;
+    serverTlsPolicy = null;
+  }
+
+  private ServerTlsPolicyName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    location = Preconditions.checkNotNull(builder.getLocation());
+    serverTlsPolicy = Preconditions.checkNotNull(builder.getServerTlsPolicy());
+  }
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getLocation() {
+    return location;
+  }
+
+  public String getServerTlsPolicy() {
+    return serverTlsPolicy;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  public static ServerTlsPolicyName of(String project, String location, String serverTlsPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setServerTlsPolicy(serverTlsPolicy)
+        .build();
+  }
+
+  public static String format(String project, String location, String serverTlsPolicy) {
+    return newBuilder()
+        .setProject(project)
+        .setLocation(location)
+        .setServerTlsPolicy(serverTlsPolicy)
+        .build()
+        .toString();
+  }
+
+  public static ServerTlsPolicyName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PROJECT_LOCATION_SERVER_TLS_POLICY.validatedMatch(
+            formattedString, "ServerTlsPolicyName.parse: formattedString not in valid format");
+    return of(matchMap.get("project"), matchMap.get("location"), matchMap.get("server_tls_policy"));
+  }
+
+  public static List<ServerTlsPolicyName> parseList(List<String> formattedStrings) {
+    List<ServerTlsPolicyName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<ServerTlsPolicyName> values) {
+    List<String> list = new ArrayList<>(values.size());
+    for (ServerTlsPolicyName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PROJECT_LOCATION_SERVER_TLS_POLICY.matches(formattedString);
+  }
+
+  @Override
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          if (project != null) {
+            fieldMapBuilder.put("project", project);
+          }
+          if (location != null) {
+            fieldMapBuilder.put("location", location);
+          }
+          if (serverTlsPolicy != null) {
+            fieldMapBuilder.put("server_tls_policy", serverTlsPolicy);
+          }
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PROJECT_LOCATION_SERVER_TLS_POLICY.instantiate(
+        "project", project, "location", location, "server_tls_policy", serverTlsPolicy);
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o != null || getClass() == o.getClass()) {
+      ServerTlsPolicyName that = ((ServerTlsPolicyName) o);
+      return Objects.equals(this.project, that.project)
+          && Objects.equals(this.location, that.location)
+          && Objects.equals(this.serverTlsPolicy, that.serverTlsPolicy);
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= Objects.hashCode(project);
+    h *= 1000003;
+    h ^= Objects.hashCode(location);
+    h *= 1000003;
+    h ^= Objects.hashCode(serverTlsPolicy);
+    return h;
+  }
+
+  /** Builder for projects/{project}/locations/{location}/serverTlsPolicies/{server_tls_policy}. */
+  public static class Builder {
+    private String project;
+    private String location;
+    private String serverTlsPolicy;
+
+    protected Builder() {}
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getLocation() {
+      return location;
+    }
+
+    public String getServerTlsPolicy() {
+      return serverTlsPolicy;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setLocation(String location) {
+      this.location = location;
+      return this;
+    }
+
+    public Builder setServerTlsPolicy(String serverTlsPolicy) {
+      this.serverTlsPolicy = serverTlsPolicy;
+      return this;
+    }
+
+    private Builder(ServerTlsPolicyName serverTlsPolicyName) {
+      this.project = serverTlsPolicyName.project;
+      this.location = serverTlsPolicyName.location;
+      this.serverTlsPolicy = serverTlsPolicyName.serverTlsPolicy;
+    }
+
+    public ServerTlsPolicyName build() {
+      return new ServerTlsPolicyName(this);
+    }
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyOrBuilder.java
new file mode 100644
index 000000000000..7552b879ce42
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyOrBuilder.java
@@ -0,0 +1,320 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ServerTlsPolicyOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ServerTlsPolicy)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The name.
+   */
+  java.lang.String getName();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Name of the ServerTlsPolicy resource. It matches the pattern
+   * `projects/&#42;&#47;locations/{location}/serverTlsPolicies/{server_tls_policy}`
+   * </pre>
+   *
+   * <code>string name = 1 [(.google.api.field_behavior) = REQUIRED];</code>
+   *
+   * @return The bytes for name.
+   */
+  com.google.protobuf.ByteString getNameBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2;</code>
+   *
+   * @return The description.
+   */
+  java.lang.String getDescription();
+  /**
+   *
+   *
+   * <pre>
+   * Free-text description of the resource.
+   * </pre>
+   *
+   * <code>string description = 2;</code>
+   *
+   * @return The bytes for description.
+   */
+  com.google.protobuf.ByteString getDescriptionBytes();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the createTime field is set.
+   */
+  boolean hasCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The createTime.
+   */
+  com.google.protobuf.Timestamp getCreateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was created.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp create_time = 3 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return Whether the updateTime field is set.
+   */
+  boolean hasUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   *
+   * @return The updateTime.
+   */
+  com.google.protobuf.Timestamp getUpdateTime();
+  /**
+   *
+   *
+   * <pre>
+   * Output only. The timestamp when the resource was updated.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp update_time = 4 [(.google.api.field_behavior) = OUTPUT_ONLY];
+   * </code>
+   */
+  com.google.protobuf.TimestampOrBuilder getUpdateTimeOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  int getLabelsCount();
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  boolean containsLabels(java.lang.String key);
+  /** Use {@link #getLabelsMap()} instead. */
+  @java.lang.Deprecated
+  java.util.Map<java.lang.String, java.lang.String> getLabels();
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  java.util.Map<java.lang.String, java.lang.String> getLabelsMap();
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+
+  /* nullable */
+  java.lang.String getLabelsOrDefault(
+      java.lang.String key,
+      /* nullable */
+      java.lang.String defaultValue);
+  /**
+   *
+   *
+   * <pre>
+   * Set of label tags associated with the resource.
+   * </pre>
+   *
+   * <code>map&lt;string, string&gt; labels = 5;</code>
+   */
+  java.lang.String getLabelsOrThrow(java.lang.String key);
+
+  /**
+   *
+   *
+   * <pre>
+   * Determines if server allows plaintext connections. If set to true, server
+   * allows plain text connections. By default, it is set to false. This setting
+   * is not exclusive of other encryption modes. For example, if `allow_open`
+   * and `mtls_policy` are set, server allows both plain text and mTLS
+   * connections. See documentation of other encryption modes to confirm
+   * compatibility.
+   * Consider using it if you wish to upgrade in place your deployment to TLS
+   * while having mixed TLS and non-TLS traffic reaching port :80.
+   * </pre>
+   *
+   * <code>bool allow_open = 6;</code>
+   *
+   * @return The allowOpen.
+   */
+  boolean getAllowOpen();
+
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   *
+   * @return Whether the serverCertificate field is set.
+   */
+  boolean hasServerCertificate();
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   *
+   * @return The serverCertificate.
+   */
+  com.google.cloud.networksecurity.v1.CertificateProvider getServerCertificate();
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision server identity (public and private keys).
+   * Cannot be combined with `allow_open` as a permissive mode that allows both
+   * plain text and TLS is not supported.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.CertificateProvider server_certificate = 7;</code>
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderOrBuilder getServerCertificateOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   *
+   * @return Whether the mtlsPolicy field is set.
+   */
+  boolean hasMtlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   *
+   * @return The mtlsPolicy.
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy getMtlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Defines a mechanism to provision peer validation certificates for peer to
+   * peer authentication (Mutual TLS - mTLS). If not specified, client
+   * certificate will not be requested. The connection is treated as TLS and not
+   * mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+   * text and mTLS connections.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicy mtls_policy = 8;</code>
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicy.MTLSPolicyOrBuilder getMtlsPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyProto.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyProto.java
new file mode 100644
index 000000000000..5c41d6a4322e
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ServerTlsPolicyProto.java
@@ -0,0 +1,236 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class ServerTlsPolicyProto {
+  private ServerTlsPolicyProto() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n7google/cloud/networksecurity/v1/server"
+          + "_tls_policy.proto\022\037google.cloud.networks"
+          + "ecurity.v1\032\037google/api/field_behavior.pr"
+          + "oto\032\031google/api/resource.proto\032)google/c"
+          + "loud/networksecurity/v1/tls.proto\032 googl"
+          + "e/protobuf/field_mask.proto\032\037google/prot"
+          + "obuf/timestamp.proto\"\272\005\n\017ServerTlsPolicy"
+          + "\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\023\n\013description\030\002 \001(\t"
+          + "\0224\n\013create_time\030\003 \001(\0132\032.google.protobuf."
+          + "TimestampB\003\340A\003\0224\n\013update_time\030\004 \001(\0132\032.go"
+          + "ogle.protobuf.TimestampB\003\340A\003\022L\n\006labels\030\005"
+          + " \003(\0132<.google.cloud.networksecurity.v1.S"
+          + "erverTlsPolicy.LabelsEntry\022\022\n\nallow_open"
+          + "\030\006 \001(\010\022P\n\022server_certificate\030\007 \001(\01324.goo"
+          + "gle.cloud.networksecurity.v1.Certificate"
+          + "Provider\022P\n\013mtls_policy\030\010 \001(\0132;.google.c"
+          + "loud.networksecurity.v1.ServerTlsPolicy."
+          + "MTLSPolicy\032Y\n\nMTLSPolicy\022K\n\024client_valid"
+          + "ation_ca\030\001 \003(\0132-.google.cloud.networksec"
+          + "urity.v1.ValidationCA\032-\n\013LabelsEntry\022\013\n\003"
+          + "key\030\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001:\202\001\352A\177\n.netw"
+          + "orksecurity.googleapis.com/ServerTlsPoli"
+          + "cy\022Mprojects/{project}/locations/{locati"
+          + "on}/serverTlsPolicies/{server_tls_policy"
+          + "}\"\200\001\n\034ListServerTlsPoliciesRequest\0229\n\006pa"
+          + "rent\030\001 \001(\tB)\340A\002\372A#\n!locations.googleapis"
+          + ".com/Location\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npage"
+          + "_token\030\003 \001(\t\"\207\001\n\035ListServerTlsPoliciesRe"
+          + "sponse\022M\n\023server_tls_policies\030\001 \003(\01320.go"
+          + "ogle.cloud.networksecurity.v1.ServerTlsP"
+          + "olicy\022\027\n\017next_page_token\030\002 \001(\t\"a\n\031GetSer"
+          + "verTlsPolicyRequest\022D\n\004name\030\001 \001(\tB6\340A\002\372A"
+          + "0\n.networksecurity.googleapis.com/Server"
+          + "TlsPolicy\"\333\001\n\034CreateServerTlsPolicyReque"
+          + "st\022F\n\006parent\030\001 \001(\tB6\340A\002\372A0\022.networksecur"
+          + "ity.googleapis.com/ServerTlsPolicy\022!\n\024se"
+          + "rver_tls_policy_id\030\002 \001(\tB\003\340A\002\022P\n\021server_"
+          + "tls_policy\030\003 \001(\01320.google.cloud.networks"
+          + "ecurity.v1.ServerTlsPolicyB\003\340A\002\"\246\001\n\034Upda"
+          + "teServerTlsPolicyRequest\0224\n\013update_mask\030"
+          + "\001 \001(\0132\032.google.protobuf.FieldMaskB\003\340A\001\022P"
+          + "\n\021server_tls_policy\030\002 \001(\01320.google.cloud"
+          + ".networksecurity.v1.ServerTlsPolicyB\003\340A\002"
+          + "\"d\n\034DeleteServerTlsPolicyRequest\022D\n\004name"
+          + "\030\001 \001(\tB6\340A\002\372A0\n.networksecurity.googleap"
+          + "is.com/ServerTlsPolicyB\366\001\n#com.google.cl"
+          + "oud.networksecurity.v1B\024ServerTlsPolicyP"
+          + "rotoP\001ZNgoogle.golang.org/genproto/googl"
+          + "eapis/cloud/networksecurity/v1;networkse"
+          + "curity\252\002\037Google.Cloud.NetworkSecurity.V1"
+          + "\312\002\037Google\\Cloud\\NetworkSecurity\\V1\352\002\"Goo"
+          + "gle::Cloud::NetworkSecurity::V1b\006proto3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.FieldBehaviorProto.getDescriptor(),
+              com.google.api.ResourceProto.getDescriptor(),
+              com.google.cloud.networksecurity.v1.TlsProto.getDescriptor(),
+              com.google.protobuf.FieldMaskProto.getDescriptor(),
+              com.google.protobuf.TimestampProto.getDescriptor(),
+            });
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor,
+            new java.lang.String[] {
+              "Name",
+              "Description",
+              "CreateTime",
+              "UpdateTime",
+              "Labels",
+              "AllowOpen",
+              "ServerCertificate",
+              "MtlsPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor =
+        internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor
+            .getNestedTypes()
+            .get(0);
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_MTLSPolicy_descriptor,
+            new java.lang.String[] {
+              "ClientValidationCa",
+            });
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_descriptor =
+        internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_descriptor
+            .getNestedTypes()
+            .get(1);
+    internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ServerTlsPolicy_LabelsEntry_descriptor,
+            new java.lang.String[] {
+              "Key", "Value",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor =
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "PageSize", "PageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor =
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ListServerTlsPoliciesResponse_descriptor,
+            new java.lang.String[] {
+              "ServerTlsPolicies", "NextPageToken",
+            });
+    internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(3);
+    internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_GetServerTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(4);
+    internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_CreateServerTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Parent", "ServerTlsPolicyId", "ServerTlsPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(5);
+    internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "UpdateMask", "ServerTlsPolicy",
+            });
+    internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(6);
+    internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_DeleteServerTlsPolicyRequest_descriptor,
+            new java.lang.String[] {
+              "Name",
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.FieldBehaviorProto.fieldBehavior);
+    registry.add(com.google.api.ResourceProto.resource);
+    registry.add(com.google.api.ResourceProto.resourceReference);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.FieldBehaviorProto.getDescriptor();
+    com.google.api.ResourceProto.getDescriptor();
+    com.google.cloud.networksecurity.v1.TlsProto.getDescriptor();
+    com.google.protobuf.FieldMaskProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/TlsProto.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/TlsProto.java
new file mode 100644
index 000000000000..97115bddf110
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/TlsProto.java
@@ -0,0 +1,125 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public final class TlsProto {
+  private TlsProto() {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_ValidationCA_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_networksecurity_v1_CertificateProvider_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+    return descriptor;
+  }
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
+  static {
+    java.lang.String[] descriptorData = {
+      "\n)google/cloud/networksecurity/v1/tls.pr"
+          + "oto\022\037google.cloud.networksecurity.v1\032\037go"
+          + "ogle/api/field_behavior.proto\"\'\n\014GrpcEnd"
+          + "point\022\027\n\ntarget_uri\030\001 \001(\tB\003\340A\002\"\305\001\n\014Valid"
+          + "ationCA\022F\n\rgrpc_endpoint\030\002 \001(\0132-.google."
+          + "cloud.networksecurity.v1.GrpcEndpointH\000\022"
+          + "e\n\035certificate_provider_instance\030\003 \001(\0132<"
+          + ".google.cloud.networksecurity.v1.Certifi"
+          + "cateProviderInstanceH\000B\006\n\004type\";\n\033Certif"
+          + "icateProviderInstance\022\034\n\017plugin_instance"
+          + "\030\001 \001(\tB\003\340A\002\"\314\001\n\023CertificateProvider\022F\n\rg"
+          + "rpc_endpoint\030\002 \001(\0132-.google.cloud.networ"
+          + "ksecurity.v1.GrpcEndpointH\000\022e\n\035certifica"
+          + "te_provider_instance\030\003 \001(\0132<.google.clou"
+          + "d.networksecurity.v1.CertificateProvider"
+          + "InstanceH\000B\006\n\004typeB\352\001\n#com.google.cloud."
+          + "networksecurity.v1B\010TlsProtoP\001ZNgoogle.g"
+          + "olang.org/genproto/googleapis/cloud/netw"
+          + "orksecurity/v1;networksecurity\252\002\037Google."
+          + "Cloud.NetworkSecurity.V1\312\002\037Google\\Cloud\\"
+          + "NetworkSecurity\\V1\352\002\"Google::Cloud::Netw"
+          + "orkSecurity::V1b\006proto3"
+    };
+    descriptor =
+        com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+            descriptorData,
+            new com.google.protobuf.Descriptors.FileDescriptor[] {
+              com.google.api.FieldBehaviorProto.getDescriptor(),
+            });
+    internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor =
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_GrpcEndpoint_descriptor,
+            new java.lang.String[] {
+              "TargetUri",
+            });
+    internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor =
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_google_cloud_networksecurity_v1_ValidationCA_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor,
+            new java.lang.String[] {
+              "GrpcEndpoint", "CertificateProviderInstance", "Type",
+            });
+    internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor =
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_CertificateProviderInstance_descriptor,
+            new java.lang.String[] {
+              "PluginInstance",
+            });
+    internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor =
+        getDescriptor().getMessageTypes().get(3);
+    internal_static_google_cloud_networksecurity_v1_CertificateProvider_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_networksecurity_v1_CertificateProvider_descriptor,
+            new java.lang.String[] {
+              "GrpcEndpoint", "CertificateProviderInstance", "Type",
+            });
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.FieldBehaviorProto.fieldBehavior);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
+    com.google.api.FieldBehaviorProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequest.java
new file mode 100644
index 000000000000..bdccb634b51f
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequest.java
@@ -0,0 +1,1112 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by the UpdateAuthorizationPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest}
+ */
+public final class UpdateAuthorizationPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+    UpdateAuthorizationPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use UpdateAuthorizationPolicyRequest.newBuilder() to construct.
+  private UpdateAuthorizationPolicyRequest(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private UpdateAuthorizationPolicyRequest() {}
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new UpdateAuthorizationPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private UpdateAuthorizationPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              com.google.protobuf.FieldMask.Builder subBuilder = null;
+              if (updateMask_ != null) {
+                subBuilder = updateMask_.toBuilder();
+              }
+              updateMask_ =
+                  input.readMessage(com.google.protobuf.FieldMask.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateMask_);
+                updateMask_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 18:
+            {
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder subBuilder = null;
+              if (authorizationPolicy_ != null) {
+                subBuilder = authorizationPolicy_.toBuilder();
+              }
+              authorizationPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.AuthorizationPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(authorizationPolicy_);
+                authorizationPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.Builder.class);
+  }
+
+  public static final int UPDATE_MASK_FIELD_NUMBER = 1;
+  private com.google.protobuf.FieldMask updateMask_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateMask() {
+    return updateMask_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMask getUpdateMask() {
+    return updateMask_ == null ? com.google.protobuf.FieldMask.getDefaultInstance() : updateMask_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+    return getUpdateMask();
+  }
+
+  public static final int AUTHORIZATION_POLICY_FIELD_NUMBER = 2;
+  private com.google.cloud.networksecurity.v1.AuthorizationPolicy authorizationPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the authorizationPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasAuthorizationPolicy() {
+    return authorizationPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The authorizationPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy() {
+    return authorizationPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+        : authorizationPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPolicyOrBuilder() {
+    return getAuthorizationPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (updateMask_ != null) {
+      output.writeMessage(1, getUpdateMask());
+    }
+    if (authorizationPolicy_ != null) {
+      output.writeMessage(2, getAuthorizationPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (updateMask_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, getUpdateMask());
+    }
+    if (authorizationPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, getAuthorizationPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest) obj;
+
+    if (hasUpdateMask() != other.hasUpdateMask()) return false;
+    if (hasUpdateMask()) {
+      if (!getUpdateMask().equals(other.getUpdateMask())) return false;
+    }
+    if (hasAuthorizationPolicy() != other.hasAuthorizationPolicy()) return false;
+    if (hasAuthorizationPolicy()) {
+      if (!getAuthorizationPolicy().equals(other.getAuthorizationPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (hasUpdateMask()) {
+      hash = (37 * hash) + UPDATE_MASK_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateMask().hashCode();
+    }
+    if (hasAuthorizationPolicy()) {
+      hash = (37 * hash) + AUTHORIZATION_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getAuthorizationPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by the UpdateAuthorizationPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.Builder.class);
+    }
+
+    // Construct using
+    // com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = null;
+      } else {
+        authorizationPolicy_ = null;
+        authorizationPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.AuthorizationPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateAuthorizationPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+          .getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest(this);
+      if (updateMaskBuilder_ == null) {
+        result.updateMask_ = updateMask_;
+      } else {
+        result.updateMask_ = updateMaskBuilder_.build();
+      }
+      if (authorizationPolicyBuilder_ == null) {
+        result.authorizationPolicy_ = authorizationPolicy_;
+      } else {
+        result.authorizationPolicy_ = authorizationPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest) {
+        return mergeFrom(
+            (com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+              .getDefaultInstance()) return this;
+      if (other.hasUpdateMask()) {
+        mergeUpdateMask(other.getUpdateMask());
+      }
+      if (other.hasAuthorizationPolicy()) {
+        mergeAuthorizationPolicy(other.getAuthorizationPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private com.google.protobuf.FieldMask updateMask_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        updateMaskBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return Whether the updateMask field is set.
+     */
+    public boolean hasUpdateMask() {
+      return updateMaskBuilder_ != null || updateMask_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The updateMask.
+     */
+    public com.google.protobuf.FieldMask getUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      } else {
+        return updateMaskBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateMask_ = value;
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask.Builder builderForValue) {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder mergeUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (updateMask_ != null) {
+          updateMask_ =
+              com.google.protobuf.FieldMask.newBuilder(updateMask_).mergeFrom(value).buildPartial();
+        } else {
+          updateMask_ = value;
+        }
+        onChanged();
+      } else {
+        updateMaskBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+        onChanged();
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMask.Builder getUpdateMaskBuilder() {
+
+      onChanged();
+      return getUpdateMaskFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+      if (updateMaskBuilder_ != null) {
+        return updateMaskBuilder_.getMessageOrBuilder();
+      } else {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * AuthorizationPolicy resource by the update.
+     * The fields specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the mask. If the
+     * user does not provide a mask then all fields will be overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        getUpdateMaskFieldBuilder() {
+      if (updateMaskBuilder_ == null) {
+        updateMaskBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.FieldMask,
+                com.google.protobuf.FieldMask.Builder,
+                com.google.protobuf.FieldMaskOrBuilder>(
+                getUpdateMask(), getParentForChildren(), isClean());
+        updateMask_ = null;
+      }
+      return updateMaskBuilder_;
+    }
+
+    private com.google.cloud.networksecurity.v1.AuthorizationPolicy authorizationPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        authorizationPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the authorizationPolicy field is set.
+     */
+    public boolean hasAuthorizationPolicy() {
+      return authorizationPolicyBuilder_ != null || authorizationPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The authorizationPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy() {
+      if (authorizationPolicyBuilder_ == null) {
+        return authorizationPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+            : authorizationPolicy_;
+      } else {
+        return authorizationPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        authorizationPolicy_ = value;
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder builderForValue) {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeAuthorizationPolicy(
+        com.google.cloud.networksecurity.v1.AuthorizationPolicy value) {
+      if (authorizationPolicyBuilder_ == null) {
+        if (authorizationPolicy_ != null) {
+          authorizationPolicy_ =
+              com.google.cloud.networksecurity.v1.AuthorizationPolicy.newBuilder(
+                      authorizationPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          authorizationPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        authorizationPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearAuthorizationPolicy() {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicy_ = null;
+        onChanged();
+      } else {
+        authorizationPolicy_ = null;
+        authorizationPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder
+        getAuthorizationPolicyBuilder() {
+
+      onChanged();
+      return getAuthorizationPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+        getAuthorizationPolicyOrBuilder() {
+      if (authorizationPolicyBuilder_ != null) {
+        return authorizationPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return authorizationPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.AuthorizationPolicy.getDefaultInstance()
+            : authorizationPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated AuthorizationPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+            com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>
+        getAuthorizationPolicyFieldBuilder() {
+      if (authorizationPolicyBuilder_ == null) {
+        authorizationPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicy.Builder,
+                com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder>(
+                getAuthorizationPolicy(), getParentForChildren(), isClean());
+        authorizationPolicy_ = null;
+      }
+      return authorizationPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<UpdateAuthorizationPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<UpdateAuthorizationPolicyRequest>() {
+        @java.lang.Override
+        public UpdateAuthorizationPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new UpdateAuthorizationPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<UpdateAuthorizationPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<UpdateAuthorizationPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..b0ec7b744396
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateAuthorizationPolicyRequestOrBuilder.java
@@ -0,0 +1,117 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/authorization_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface UpdateAuthorizationPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.UpdateAuthorizationPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  boolean hasUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  com.google.protobuf.FieldMask getUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * AuthorizationPolicy resource by the update.
+   * The fields specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the mask. If the
+   * user does not provide a mask then all fields will be overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the authorizationPolicy field is set.
+   */
+  boolean hasAuthorizationPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The authorizationPolicy.
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicy getAuthorizationPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated AuthorizationPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.AuthorizationPolicy authorization_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.AuthorizationPolicyOrBuilder
+      getAuthorizationPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequest.java
new file mode 100644
index 000000000000..184c7e443c68
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequest.java
@@ -0,0 +1,1115 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by UpdateClientTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest}
+ */
+public final class UpdateClientTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+    UpdateClientTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use UpdateClientTlsPolicyRequest.newBuilder() to construct.
+  private UpdateClientTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private UpdateClientTlsPolicyRequest() {}
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new UpdateClientTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private UpdateClientTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              com.google.protobuf.FieldMask.Builder subBuilder = null;
+              if (updateMask_ != null) {
+                subBuilder = updateMask_.toBuilder();
+              }
+              updateMask_ =
+                  input.readMessage(com.google.protobuf.FieldMask.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateMask_);
+                updateMask_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 18:
+            {
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder subBuilder = null;
+              if (clientTlsPolicy_ != null) {
+                subBuilder = clientTlsPolicy_.toBuilder();
+              }
+              clientTlsPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ClientTlsPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(clientTlsPolicy_);
+                clientTlsPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int UPDATE_MASK_FIELD_NUMBER = 1;
+  private com.google.protobuf.FieldMask updateMask_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateMask() {
+    return updateMask_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMask getUpdateMask() {
+    return updateMask_ == null ? com.google.protobuf.FieldMask.getDefaultInstance() : updateMask_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+    return getUpdateMask();
+  }
+
+  public static final int CLIENT_TLS_POLICY_FIELD_NUMBER = 2;
+  private com.google.cloud.networksecurity.v1.ClientTlsPolicy clientTlsPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the clientTlsPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasClientTlsPolicy() {
+    return clientTlsPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The clientTlsPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy() {
+    return clientTlsPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+        : clientTlsPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder
+      getClientTlsPolicyOrBuilder() {
+    return getClientTlsPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (updateMask_ != null) {
+      output.writeMessage(1, getUpdateMask());
+    }
+    if (clientTlsPolicy_ != null) {
+      output.writeMessage(2, getClientTlsPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (updateMask_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, getUpdateMask());
+    }
+    if (clientTlsPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, getClientTlsPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest) obj;
+
+    if (hasUpdateMask() != other.hasUpdateMask()) return false;
+    if (hasUpdateMask()) {
+      if (!getUpdateMask().equals(other.getUpdateMask())) return false;
+    }
+    if (hasClientTlsPolicy() != other.hasClientTlsPolicy()) return false;
+    if (hasClientTlsPolicy()) {
+      if (!getClientTlsPolicy().equals(other.getClientTlsPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (hasUpdateMask()) {
+      hash = (37 * hash) + UPDATE_MASK_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateMask().hashCode();
+    }
+    if (hasClientTlsPolicy()) {
+      hash = (37 * hash) + CLIENT_TLS_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getClientTlsPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by UpdateClientTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = null;
+      } else {
+        clientTlsPolicy_ = null;
+        clientTlsPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ClientTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateClientTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest(this);
+      if (updateMaskBuilder_ == null) {
+        result.updateMask_ = updateMask_;
+      } else {
+        result.updateMask_ = updateMaskBuilder_.build();
+      }
+      if (clientTlsPolicyBuilder_ == null) {
+        result.clientTlsPolicy_ = clientTlsPolicy_;
+      } else {
+        result.clientTlsPolicy_ = clientTlsPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (other.hasUpdateMask()) {
+        mergeUpdateMask(other.getUpdateMask());
+      }
+      if (other.hasClientTlsPolicy()) {
+        mergeClientTlsPolicy(other.getClientTlsPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private com.google.protobuf.FieldMask updateMask_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        updateMaskBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return Whether the updateMask field is set.
+     */
+    public boolean hasUpdateMask() {
+      return updateMaskBuilder_ != null || updateMask_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The updateMask.
+     */
+    public com.google.protobuf.FieldMask getUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      } else {
+        return updateMaskBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateMask_ = value;
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask.Builder builderForValue) {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder mergeUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (updateMask_ != null) {
+          updateMask_ =
+              com.google.protobuf.FieldMask.newBuilder(updateMask_).mergeFrom(value).buildPartial();
+        } else {
+          updateMask_ = value;
+        }
+        onChanged();
+      } else {
+        updateMaskBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+        onChanged();
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMask.Builder getUpdateMaskBuilder() {
+
+      onChanged();
+      return getUpdateMaskFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+      if (updateMaskBuilder_ != null) {
+        return updateMaskBuilder_.getMessageOrBuilder();
+      } else {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ClientTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        getUpdateMaskFieldBuilder() {
+      if (updateMaskBuilder_ == null) {
+        updateMaskBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.FieldMask,
+                com.google.protobuf.FieldMask.Builder,
+                com.google.protobuf.FieldMaskOrBuilder>(
+                getUpdateMask(), getParentForChildren(), isClean());
+        updateMask_ = null;
+      }
+      return updateMaskBuilder_;
+    }
+
+    private com.google.cloud.networksecurity.v1.ClientTlsPolicy clientTlsPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        clientTlsPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the clientTlsPolicy field is set.
+     */
+    public boolean hasClientTlsPolicy() {
+      return clientTlsPolicyBuilder_ != null || clientTlsPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The clientTlsPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy() {
+      if (clientTlsPolicyBuilder_ == null) {
+        return clientTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+            : clientTlsPolicy_;
+      } else {
+        return clientTlsPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setClientTlsPolicy(com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        clientTlsPolicy_ = value;
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setClientTlsPolicy(
+        com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder builderForValue) {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeClientTlsPolicy(com.google.cloud.networksecurity.v1.ClientTlsPolicy value) {
+      if (clientTlsPolicyBuilder_ == null) {
+        if (clientTlsPolicy_ != null) {
+          clientTlsPolicy_ =
+              com.google.cloud.networksecurity.v1.ClientTlsPolicy.newBuilder(clientTlsPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          clientTlsPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        clientTlsPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearClientTlsPolicy() {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicy_ = null;
+        onChanged();
+      } else {
+        clientTlsPolicy_ = null;
+        clientTlsPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder getClientTlsPolicyBuilder() {
+
+      onChanged();
+      return getClientTlsPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder
+        getClientTlsPolicyOrBuilder() {
+      if (clientTlsPolicyBuilder_ != null) {
+        return clientTlsPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return clientTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ClientTlsPolicy.getDefaultInstance()
+            : clientTlsPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ClientTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>
+        getClientTlsPolicyFieldBuilder() {
+      if (clientTlsPolicyBuilder_ == null) {
+        clientTlsPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder>(
+                getClientTlsPolicy(), getParentForChildren(), isClean());
+        clientTlsPolicy_ = null;
+      }
+      return clientTlsPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<UpdateClientTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<UpdateClientTlsPolicyRequest>() {
+        @java.lang.Override
+        public UpdateClientTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new UpdateClientTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<UpdateClientTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<UpdateClientTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..6563573b18fa
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateClientTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/client_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface UpdateClientTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.UpdateClientTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  boolean hasUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  com.google.protobuf.FieldMask getUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ClientTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the clientTlsPolicy field is set.
+   */
+  boolean hasClientTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The clientTlsPolicy.
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicy getClientTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ClientTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ClientTlsPolicy client_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ClientTlsPolicyOrBuilder getClientTlsPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequest.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequest.java
new file mode 100644
index 000000000000..203c52f89d17
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequest.java
@@ -0,0 +1,1115 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Request used by UpdateServerTlsPolicy method.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest}
+ */
+public final class UpdateServerTlsPolicyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+    UpdateServerTlsPolicyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use UpdateServerTlsPolicyRequest.newBuilder() to construct.
+  private UpdateServerTlsPolicyRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private UpdateServerTlsPolicyRequest() {}
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new UpdateServerTlsPolicyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private UpdateServerTlsPolicyRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10:
+            {
+              com.google.protobuf.FieldMask.Builder subBuilder = null;
+              if (updateMask_ != null) {
+                subBuilder = updateMask_.toBuilder();
+              }
+              updateMask_ =
+                  input.readMessage(com.google.protobuf.FieldMask.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(updateMask_);
+                updateMask_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          case 18:
+            {
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder subBuilder = null;
+              if (serverTlsPolicy_ != null) {
+                subBuilder = serverTlsPolicy_.toBuilder();
+              }
+              serverTlsPolicy_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.ServerTlsPolicy.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(serverTlsPolicy_);
+                serverTlsPolicy_ = subBuilder.buildPartial();
+              }
+
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+        .internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.class,
+            com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.Builder.class);
+  }
+
+  public static final int UPDATE_MASK_FIELD_NUMBER = 1;
+  private com.google.protobuf.FieldMask updateMask_;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  @java.lang.Override
+  public boolean hasUpdateMask() {
+    return updateMask_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMask getUpdateMask() {
+    return updateMask_ == null ? com.google.protobuf.FieldMask.getDefaultInstance() : updateMask_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+    return getUpdateMask();
+  }
+
+  public static final int SERVER_TLS_POLICY_FIELD_NUMBER = 2;
+  private com.google.cloud.networksecurity.v1.ServerTlsPolicy serverTlsPolicy_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the serverTlsPolicy field is set.
+   */
+  @java.lang.Override
+  public boolean hasServerTlsPolicy() {
+    return serverTlsPolicy_ != null;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The serverTlsPolicy.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy() {
+    return serverTlsPolicy_ == null
+        ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+        : serverTlsPolicy_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder
+      getServerTlsPolicyOrBuilder() {
+    return getServerTlsPolicy();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (updateMask_ != null) {
+      output.writeMessage(1, getUpdateMask());
+    }
+    if (serverTlsPolicy_ != null) {
+      output.writeMessage(2, getServerTlsPolicy());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (updateMask_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(1, getUpdateMask());
+    }
+    if (serverTlsPolicy_ != null) {
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, getServerTlsPolicy());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest other =
+        (com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest) obj;
+
+    if (hasUpdateMask() != other.hasUpdateMask()) return false;
+    if (hasUpdateMask()) {
+      if (!getUpdateMask().equals(other.getUpdateMask())) return false;
+    }
+    if (hasServerTlsPolicy() != other.hasServerTlsPolicy()) return false;
+    if (hasServerTlsPolicy()) {
+      if (!getServerTlsPolicy().equals(other.getServerTlsPolicy())) return false;
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    if (hasUpdateMask()) {
+      hash = (37 * hash) + UPDATE_MASK_FIELD_NUMBER;
+      hash = (53 * hash) + getUpdateMask().hashCode();
+    }
+    if (hasServerTlsPolicy()) {
+      hash = (37 * hash) + SERVER_TLS_POLICY_FIELD_NUMBER;
+      hash = (53 * hash) + getServerTlsPolicy().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Request used by UpdateServerTlsPolicy method.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.class,
+              com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = null;
+      } else {
+        serverTlsPolicy_ = null;
+        serverTlsPolicyBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.ServerTlsPolicyProto
+          .internal_static_google_cloud_networksecurity_v1_UpdateServerTlsPolicyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest
+        getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest build() {
+      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest buildPartial() {
+      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest result =
+          new com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest(this);
+      if (updateMaskBuilder_ == null) {
+        result.updateMask_ = updateMask_;
+      } else {
+        result.updateMask_ = updateMaskBuilder_.build();
+      }
+      if (serverTlsPolicyBuilder_ == null) {
+        result.serverTlsPolicy_ = serverTlsPolicy_;
+      } else {
+        result.serverTlsPolicy_ = serverTlsPolicyBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest other) {
+      if (other
+          == com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest.getDefaultInstance())
+        return this;
+      if (other.hasUpdateMask()) {
+        mergeUpdateMask(other.getUpdateMask());
+      }
+      if (other.hasServerTlsPolicy()) {
+        mergeServerTlsPolicy(other.getServerTlsPolicy());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage =
+            (com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+                e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private com.google.protobuf.FieldMask updateMask_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        updateMaskBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return Whether the updateMask field is set.
+     */
+    public boolean hasUpdateMask() {
+      return updateMaskBuilder_ != null || updateMask_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The updateMask.
+     */
+    public com.google.protobuf.FieldMask getUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      } else {
+        return updateMaskBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        updateMask_ = value;
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder setUpdateMask(com.google.protobuf.FieldMask.Builder builderForValue) {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = builderForValue.build();
+        onChanged();
+      } else {
+        updateMaskBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder mergeUpdateMask(com.google.protobuf.FieldMask value) {
+      if (updateMaskBuilder_ == null) {
+        if (updateMask_ != null) {
+          updateMask_ =
+              com.google.protobuf.FieldMask.newBuilder(updateMask_).mergeFrom(value).buildPartial();
+        } else {
+          updateMask_ = value;
+        }
+        onChanged();
+      } else {
+        updateMaskBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public Builder clearUpdateMask() {
+      if (updateMaskBuilder_ == null) {
+        updateMask_ = null;
+        onChanged();
+      } else {
+        updateMask_ = null;
+        updateMaskBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMask.Builder getUpdateMaskBuilder() {
+
+      onChanged();
+      return getUpdateMaskFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
+      if (updateMaskBuilder_ != null) {
+        return updateMaskBuilder_.getMessageOrBuilder();
+      } else {
+        return updateMask_ == null
+            ? com.google.protobuf.FieldMask.getDefaultInstance()
+            : updateMask_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Field mask is used to specify the fields to be overwritten in the
+     * ServerTlsPolicy resource by the update.  The fields
+     * specified in the update_mask are relative to the resource, not
+     * the full request. A field will be overwritten if it is in the
+     * mask. If the user does not provide a mask then all fields will be
+     * overwritten.
+     * </pre>
+     *
+     * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.FieldMask,
+            com.google.protobuf.FieldMask.Builder,
+            com.google.protobuf.FieldMaskOrBuilder>
+        getUpdateMaskFieldBuilder() {
+      if (updateMaskBuilder_ == null) {
+        updateMaskBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.FieldMask,
+                com.google.protobuf.FieldMask.Builder,
+                com.google.protobuf.FieldMaskOrBuilder>(
+                getUpdateMask(), getParentForChildren(), isClean());
+        updateMask_ = null;
+      }
+      return updateMaskBuilder_;
+    }
+
+    private com.google.cloud.networksecurity.v1.ServerTlsPolicy serverTlsPolicy_;
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        serverTlsPolicyBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return Whether the serverTlsPolicy field is set.
+     */
+    public boolean hasServerTlsPolicy() {
+      return serverTlsPolicyBuilder_ != null || serverTlsPolicy_ != null;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     *
+     * @return The serverTlsPolicy.
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy() {
+      if (serverTlsPolicyBuilder_ == null) {
+        return serverTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+            : serverTlsPolicy_;
+      } else {
+        return serverTlsPolicyBuilder_.getMessage();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setServerTlsPolicy(com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPolicyBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        serverTlsPolicy_ = value;
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder setServerTlsPolicy(
+        com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder builderForValue) {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = builderForValue.build();
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder mergeServerTlsPolicy(com.google.cloud.networksecurity.v1.ServerTlsPolicy value) {
+      if (serverTlsPolicyBuilder_ == null) {
+        if (serverTlsPolicy_ != null) {
+          serverTlsPolicy_ =
+              com.google.cloud.networksecurity.v1.ServerTlsPolicy.newBuilder(serverTlsPolicy_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          serverTlsPolicy_ = value;
+        }
+        onChanged();
+      } else {
+        serverTlsPolicyBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public Builder clearServerTlsPolicy() {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicy_ = null;
+        onChanged();
+      } else {
+        serverTlsPolicy_ = null;
+        serverTlsPolicyBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder getServerTlsPolicyBuilder() {
+
+      onChanged();
+      return getServerTlsPolicyFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder
+        getServerTlsPolicyOrBuilder() {
+      if (serverTlsPolicyBuilder_ != null) {
+        return serverTlsPolicyBuilder_.getMessageOrBuilder();
+      } else {
+        return serverTlsPolicy_ == null
+            ? com.google.cloud.networksecurity.v1.ServerTlsPolicy.getDefaultInstance()
+            : serverTlsPolicy_;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. Updated ServerTlsPolicy resource.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+            com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>
+        getServerTlsPolicyFieldBuilder() {
+      if (serverTlsPolicyBuilder_ == null) {
+        serverTlsPolicyBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicy.Builder,
+                com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder>(
+                getServerTlsPolicy(), getParentForChildren(), isClean());
+        serverTlsPolicy_ = null;
+      }
+      return serverTlsPolicyBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+  private static final com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest();
+  }
+
+  public static com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<UpdateServerTlsPolicyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<UpdateServerTlsPolicyRequest>() {
+        @java.lang.Override
+        public UpdateServerTlsPolicyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new UpdateServerTlsPolicyRequest(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<UpdateServerTlsPolicyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<UpdateServerTlsPolicyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequestOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequestOrBuilder.java
new file mode 100644
index 000000000000..78314da0e871
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/UpdateServerTlsPolicyRequestOrBuilder.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/server_tls_policy.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface UpdateServerTlsPolicyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.UpdateServerTlsPolicyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return Whether the updateMask field is set.
+   */
+  boolean hasUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The updateMask.
+   */
+  com.google.protobuf.FieldMask getUpdateMask();
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Field mask is used to specify the fields to be overwritten in the
+   * ServerTlsPolicy resource by the update.  The fields
+   * specified in the update_mask are relative to the resource, not
+   * the full request. A field will be overwritten if it is in the
+   * mask. If the user does not provide a mask then all fields will be
+   * overwritten.
+   * </pre>
+   *
+   * <code>.google.protobuf.FieldMask update_mask = 1 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   */
+  com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return Whether the serverTlsPolicy field is set.
+   */
+  boolean hasServerTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   *
+   * @return The serverTlsPolicy.
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicy getServerTlsPolicy();
+  /**
+   *
+   *
+   * <pre>
+   * Required. Updated ServerTlsPolicy resource.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.ServerTlsPolicy server_tls_policy = 2 [(.google.api.field_behavior) = REQUIRED];
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.ServerTlsPolicyOrBuilder getServerTlsPolicyOrBuilder();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCA.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCA.java
new file mode 100644
index 000000000000..734ab6168d82
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCA.java
@@ -0,0 +1,1223 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Specification of ValidationCA. Defines the mechanism to obtain the
+ * Certificate Authority certificate to validate the peer certificate.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.networksecurity.v1.ValidationCA}
+ */
+public final class ValidationCA extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.networksecurity.v1.ValidationCA)
+    ValidationCAOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use ValidationCA.newBuilder() to construct.
+  private ValidationCA(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private ValidationCA() {}
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new ValidationCA();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  private ValidationCA(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 18:
+            {
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder subBuilder = null;
+              if (typeCase_ == 2) {
+                subBuilder = ((com.google.cloud.networksecurity.v1.GrpcEndpoint) type_).toBuilder();
+              }
+              type_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.GrpcEndpoint.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom((com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+                type_ = subBuilder.buildPartial();
+              }
+              typeCase_ = 2;
+              break;
+            }
+          case 26:
+            {
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder subBuilder =
+                  null;
+              if (typeCase_ == 3) {
+                subBuilder =
+                    ((com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_)
+                        .toBuilder();
+              }
+              type_ =
+                  input.readMessage(
+                      com.google.cloud.networksecurity.v1.CertificateProviderInstance.parser(),
+                      extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(
+                    (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+                type_ = subBuilder.buildPartial();
+              }
+              typeCase_ = 3;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
+            }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (com.google.protobuf.UninitializedMessageException e) {
+      throw e.asInvalidProtocolBufferException().setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.networksecurity.v1.TlsProto
+        .internal_static_google_cloud_networksecurity_v1_ValidationCA_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.networksecurity.v1.ValidationCA.class,
+            com.google.cloud.networksecurity.v1.ValidationCA.Builder.class);
+  }
+
+  private int typeCase_ = 0;
+  private java.lang.Object type_;
+
+  public enum TypeCase
+      implements
+          com.google.protobuf.Internal.EnumLite,
+          com.google.protobuf.AbstractMessage.InternalOneOfEnum {
+    GRPC_ENDPOINT(2),
+    CERTIFICATE_PROVIDER_INSTANCE(3),
+    TYPE_NOT_SET(0);
+    private final int value;
+
+    private TypeCase(int value) {
+      this.value = value;
+    }
+    /**
+     * @param value The number of the enum to look for.
+     * @return The enum associated with the given number.
+     * @deprecated Use {@link #forNumber(int)} instead.
+     */
+    @java.lang.Deprecated
+    public static TypeCase valueOf(int value) {
+      return forNumber(value);
+    }
+
+    public static TypeCase forNumber(int value) {
+      switch (value) {
+        case 2:
+          return GRPC_ENDPOINT;
+        case 3:
+          return CERTIFICATE_PROVIDER_INSTANCE;
+        case 0:
+          return TYPE_NOT_SET;
+        default:
+          return null;
+      }
+    }
+
+    public int getNumber() {
+      return this.value;
+    }
+  };
+
+  public TypeCase getTypeCase() {
+    return TypeCase.forNumber(typeCase_);
+  }
+
+  public static final int GRPC_ENDPOINT_FIELD_NUMBER = 2;
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return Whether the grpcEndpoint field is set.
+   */
+  @java.lang.Override
+  public boolean hasGrpcEndpoint() {
+    return typeCase_ == 2;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return The grpcEndpoint.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint() {
+    if (typeCase_ == 2) {
+      return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+    }
+    return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder() {
+    if (typeCase_ == 2) {
+      return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+    }
+    return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+  }
+
+  public static final int CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER = 3;
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return Whether the certificateProviderInstance field is set.
+   */
+  @java.lang.Override
+  public boolean hasCertificateProviderInstance() {
+    return typeCase_ == 3;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return The certificateProviderInstance.
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+      getCertificateProviderInstance() {
+    if (typeCase_ == 3) {
+      return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+    }
+    return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   */
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+      getCertificateProviderInstanceOrBuilder() {
+    if (typeCase_ == 3) {
+      return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+    }
+    return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (typeCase_ == 2) {
+      output.writeMessage(2, (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+    }
+    if (typeCase_ == 3) {
+      output.writeMessage(
+          3, (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (typeCase_ == 2) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(
+              2, (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_);
+    }
+    if (typeCase_ == 3) {
+      size +=
+          com.google.protobuf.CodedOutputStream.computeMessageSize(
+              3, (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.cloud.networksecurity.v1.ValidationCA)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.networksecurity.v1.ValidationCA other =
+        (com.google.cloud.networksecurity.v1.ValidationCA) obj;
+
+    if (!getTypeCase().equals(other.getTypeCase())) return false;
+    switch (typeCase_) {
+      case 2:
+        if (!getGrpcEndpoint().equals(other.getGrpcEndpoint())) return false;
+        break;
+      case 3:
+        if (!getCertificateProviderInstance().equals(other.getCertificateProviderInstance()))
+          return false;
+        break;
+      case 0:
+      default:
+    }
+    if (!unknownFields.equals(other.unknownFields)) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    switch (typeCase_) {
+      case 2:
+        hash = (37 * hash) + GRPC_ENDPOINT_FIELD_NUMBER;
+        hash = (53 * hash) + getGrpcEndpoint().hashCode();
+        break;
+      case 3:
+        hash = (37 * hash) + CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER;
+        hash = (53 * hash) + getCertificateProviderInstance().hashCode();
+        break;
+      case 0:
+      default:
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(com.google.cloud.networksecurity.v1.ValidationCA prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Specification of ValidationCA. Defines the mechanism to obtain the
+   * Certificate Authority certificate to validate the peer certificate.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.networksecurity.v1.ValidationCA}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.networksecurity.v1.ValidationCA)
+      com.google.cloud.networksecurity.v1.ValidationCAOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_ValidationCA_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.networksecurity.v1.ValidationCA.class,
+              com.google.cloud.networksecurity.v1.ValidationCA.Builder.class);
+    }
+
+    // Construct using com.google.cloud.networksecurity.v1.ValidationCA.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      typeCase_ = 0;
+      type_ = null;
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.networksecurity.v1.TlsProto
+          .internal_static_google_cloud_networksecurity_v1_ValidationCA_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ValidationCA getDefaultInstanceForType() {
+      return com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ValidationCA build() {
+      com.google.cloud.networksecurity.v1.ValidationCA result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.ValidationCA buildPartial() {
+      com.google.cloud.networksecurity.v1.ValidationCA result =
+          new com.google.cloud.networksecurity.v1.ValidationCA(this);
+      if (typeCase_ == 2) {
+        if (grpcEndpointBuilder_ == null) {
+          result.type_ = type_;
+        } else {
+          result.type_ = grpcEndpointBuilder_.build();
+        }
+      }
+      if (typeCase_ == 3) {
+        if (certificateProviderInstanceBuilder_ == null) {
+          result.type_ = type_;
+        } else {
+          result.type_ = certificateProviderInstanceBuilder_.build();
+        }
+      }
+      result.typeCase_ = typeCase_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.networksecurity.v1.ValidationCA) {
+        return mergeFrom((com.google.cloud.networksecurity.v1.ValidationCA) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.networksecurity.v1.ValidationCA other) {
+      if (other == com.google.cloud.networksecurity.v1.ValidationCA.getDefaultInstance())
+        return this;
+      switch (other.getTypeCase()) {
+        case GRPC_ENDPOINT:
+          {
+            mergeGrpcEndpoint(other.getGrpcEndpoint());
+            break;
+          }
+        case CERTIFICATE_PROVIDER_INSTANCE:
+          {
+            mergeCertificateProviderInstance(other.getCertificateProviderInstance());
+            break;
+          }
+        case TYPE_NOT_SET:
+          {
+            break;
+          }
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.networksecurity.v1.ValidationCA parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.networksecurity.v1.ValidationCA) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private int typeCase_ = 0;
+    private java.lang.Object type_;
+
+    public TypeCase getTypeCase() {
+      return TypeCase.forNumber(typeCase_);
+    }
+
+    public Builder clearType() {
+      typeCase_ = 0;
+      type_ = null;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.GrpcEndpoint,
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+            com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>
+        grpcEndpointBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     *
+     * @return Whether the grpcEndpoint field is set.
+     */
+    @java.lang.Override
+    public boolean hasGrpcEndpoint() {
+      return typeCase_ == 2;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     *
+     * @return The grpcEndpoint.
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint() {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2) {
+          return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      } else {
+        if (typeCase_ == 2) {
+          return grpcEndpointBuilder_.getMessage();
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder setGrpcEndpoint(com.google.cloud.networksecurity.v1.GrpcEndpoint value) {
+      if (grpcEndpointBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        type_ = value;
+        onChanged();
+      } else {
+        grpcEndpointBuilder_.setMessage(value);
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder setGrpcEndpoint(
+        com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder builderForValue) {
+      if (grpcEndpointBuilder_ == null) {
+        type_ = builderForValue.build();
+        onChanged();
+      } else {
+        grpcEndpointBuilder_.setMessage(builderForValue.build());
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder mergeGrpcEndpoint(com.google.cloud.networksecurity.v1.GrpcEndpoint value) {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2
+            && type_ != com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance()) {
+          type_ =
+              com.google.cloud.networksecurity.v1.GrpcEndpoint.newBuilder(
+                      (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          type_ = value;
+        }
+        onChanged();
+      } else {
+        if (typeCase_ == 2) {
+          grpcEndpointBuilder_.mergeFrom(value);
+        } else {
+          grpcEndpointBuilder_.setMessage(value);
+        }
+      }
+      typeCase_ = 2;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public Builder clearGrpcEndpoint() {
+      if (grpcEndpointBuilder_ == null) {
+        if (typeCase_ == 2) {
+          typeCase_ = 0;
+          type_ = null;
+          onChanged();
+        }
+      } else {
+        if (typeCase_ == 2) {
+          typeCase_ = 0;
+          type_ = null;
+        }
+        grpcEndpointBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    public com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder getGrpcEndpointBuilder() {
+      return getGrpcEndpointFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder() {
+      if ((typeCase_ == 2) && (grpcEndpointBuilder_ != null)) {
+        return grpcEndpointBuilder_.getMessageOrBuilder();
+      } else {
+        if (typeCase_ == 2) {
+          return (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_;
+        }
+        return com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * gRPC specific configuration to access the gRPC server to
+     * obtain the CA certificate.
+     * </pre>
+     *
+     * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.GrpcEndpoint,
+            com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+            com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>
+        getGrpcEndpointFieldBuilder() {
+      if (grpcEndpointBuilder_ == null) {
+        if (!(typeCase_ == 2)) {
+          type_ = com.google.cloud.networksecurity.v1.GrpcEndpoint.getDefaultInstance();
+        }
+        grpcEndpointBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.GrpcEndpoint,
+                com.google.cloud.networksecurity.v1.GrpcEndpoint.Builder,
+                com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder>(
+                (com.google.cloud.networksecurity.v1.GrpcEndpoint) type_,
+                getParentForChildren(),
+                isClean());
+        type_ = null;
+      }
+      typeCase_ = 2;
+      onChanged();
+      ;
+      return grpcEndpointBuilder_;
+    }
+
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>
+        certificateProviderInstanceBuilder_;
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     *
+     * @return Whether the certificateProviderInstance field is set.
+     */
+    @java.lang.Override
+    public boolean hasCertificateProviderInstance() {
+      return typeCase_ == 3;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     *
+     * @return The certificateProviderInstance.
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance
+        getCertificateProviderInstance() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3) {
+          return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      } else {
+        if (typeCase_ == 3) {
+          return certificateProviderInstanceBuilder_.getMessage();
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder setCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance value) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        type_ = value;
+        onChanged();
+      } else {
+        certificateProviderInstanceBuilder_.setMessage(value);
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder setCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder builderForValue) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        type_ = builderForValue.build();
+        onChanged();
+      } else {
+        certificateProviderInstanceBuilder_.setMessage(builderForValue.build());
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder mergeCertificateProviderInstance(
+        com.google.cloud.networksecurity.v1.CertificateProviderInstance value) {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3
+            && type_
+                != com.google.cloud.networksecurity.v1.CertificateProviderInstance
+                    .getDefaultInstance()) {
+          type_ =
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.newBuilder(
+                      (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_)
+                  .mergeFrom(value)
+                  .buildPartial();
+        } else {
+          type_ = value;
+        }
+        onChanged();
+      } else {
+        if (typeCase_ == 3) {
+          certificateProviderInstanceBuilder_.mergeFrom(value);
+        } else {
+          certificateProviderInstanceBuilder_.setMessage(value);
+        }
+      }
+      typeCase_ = 3;
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public Builder clearCertificateProviderInstance() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (typeCase_ == 3) {
+          typeCase_ = 0;
+          type_ = null;
+          onChanged();
+        }
+      } else {
+        if (typeCase_ == 3) {
+          typeCase_ = 0;
+          type_ = null;
+        }
+        certificateProviderInstanceBuilder_.clear();
+      }
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder
+        getCertificateProviderInstanceBuilder() {
+      return getCertificateProviderInstanceFieldBuilder().getBuilder();
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    @java.lang.Override
+    public com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+        getCertificateProviderInstanceOrBuilder() {
+      if ((typeCase_ == 3) && (certificateProviderInstanceBuilder_ != null)) {
+        return certificateProviderInstanceBuilder_.getMessageOrBuilder();
+      } else {
+        if (typeCase_ == 3) {
+          return (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_;
+        }
+        return com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The certificate provider instance specification that will be passed to
+     * the data plane, which will be used to load necessary credential
+     * information.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+     * </code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+            com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>
+        getCertificateProviderInstanceFieldBuilder() {
+      if (certificateProviderInstanceBuilder_ == null) {
+        if (!(typeCase_ == 3)) {
+          type_ =
+              com.google.cloud.networksecurity.v1.CertificateProviderInstance.getDefaultInstance();
+        }
+        certificateProviderInstanceBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.cloud.networksecurity.v1.CertificateProviderInstance,
+                com.google.cloud.networksecurity.v1.CertificateProviderInstance.Builder,
+                com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder>(
+                (com.google.cloud.networksecurity.v1.CertificateProviderInstance) type_,
+                getParentForChildren(),
+                isClean());
+        type_ = null;
+      }
+      typeCase_ = 3;
+      onChanged();
+      ;
+      return certificateProviderInstanceBuilder_;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.networksecurity.v1.ValidationCA)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.networksecurity.v1.ValidationCA)
+  private static final com.google.cloud.networksecurity.v1.ValidationCA DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.networksecurity.v1.ValidationCA();
+  }
+
+  public static com.google.cloud.networksecurity.v1.ValidationCA getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<ValidationCA> PARSER =
+      new com.google.protobuf.AbstractParser<ValidationCA>() {
+        @java.lang.Override
+        public ValidationCA parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new ValidationCA(input, extensionRegistry);
+        }
+      };
+
+  public static com.google.protobuf.Parser<ValidationCA> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<ValidationCA> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.networksecurity.v1.ValidationCA getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCAOrBuilder.java b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCAOrBuilder.java
new file mode 100644
index 000000000000..6d2d2d80cd9a
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/java/com/google/cloud/networksecurity/v1/ValidationCAOrBuilder.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/networksecurity/v1/tls.proto
+
+package com.google.cloud.networksecurity.v1;
+
+public interface ValidationCAOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.networksecurity.v1.ValidationCA)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return Whether the grpcEndpoint field is set.
+   */
+  boolean hasGrpcEndpoint();
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   *
+   * @return The grpcEndpoint.
+   */
+  com.google.cloud.networksecurity.v1.GrpcEndpoint getGrpcEndpoint();
+  /**
+   *
+   *
+   * <pre>
+   * gRPC specific configuration to access the gRPC server to
+   * obtain the CA certificate.
+   * </pre>
+   *
+   * <code>.google.cloud.networksecurity.v1.GrpcEndpoint grpc_endpoint = 2;</code>
+   */
+  com.google.cloud.networksecurity.v1.GrpcEndpointOrBuilder getGrpcEndpointOrBuilder();
+
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return Whether the certificateProviderInstance field is set.
+   */
+  boolean hasCertificateProviderInstance();
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   *
+   * @return The certificateProviderInstance.
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderInstance getCertificateProviderInstance();
+  /**
+   *
+   *
+   * <pre>
+   * The certificate provider instance specification that will be passed to
+   * the data plane, which will be used to load necessary credential
+   * information.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.networksecurity.v1.CertificateProviderInstance certificate_provider_instance = 3;
+   * </code>
+   */
+  com.google.cloud.networksecurity.v1.CertificateProviderInstanceOrBuilder
+      getCertificateProviderInstanceOrBuilder();
+
+  public com.google.cloud.networksecurity.v1.ValidationCA.TypeCase getTypeCase();
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/authorization_policy.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/authorization_policy.proto
new file mode 100644
index 000000000000..e66afdddec2e
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/authorization_policy.proto
@@ -0,0 +1,249 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/protobuf/field_mask.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_outer_classname = "AuthorizationPolicyProto";
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// AuthorizationPolicy is a resource that specifies how a server
+// should authorize incoming connections. This resource in itself does
+// not change the configuration unless it's attached to a target https
+// proxy or endpoint config selector resource.
+message AuthorizationPolicy {
+  option (google.api.resource) = {
+    type: "networksecurity.googleapis.com/AuthorizationPolicy"
+    pattern: "projects/{project}/locations/{location}/authorizationPolicies/{authorization_policy}"
+  };
+
+  // Specification of rules.
+  message Rule {
+    // Specification of traffic source attributes.
+    message Source {
+      // Optional. List of peer identities to match for authorization. At least one
+      // principal should match. Each peer can be an exact match, or a prefix
+      // match (example, "namespace/*") or a suffix match (example,
+      // "*/service-account") or a presence match "*". Authorization based on
+      // the principal name without certificate validation (configured by
+      // ServerTlsPolicy resource) is considered insecure.
+      repeated string principals = 1 [(google.api.field_behavior) = OPTIONAL];
+
+      // Optional. List of CIDR ranges to match based on source IP address. At least one
+      // IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
+      // "1.2.3.0/24") are supported. Authorization based on source IP alone
+      // should be avoided. The IP addresses of any load balancers or proxies
+      // should be considered untrusted.
+      repeated string ip_blocks = 2 [(google.api.field_behavior) = OPTIONAL];
+    }
+
+    // Specification of traffic destination attributes.
+    message Destination {
+      // Specification of HTTP header match attributes.
+      message HttpHeaderMatch {
+        oneof type {
+          // Required. The value of the header must match the regular expression
+          // specified in regexMatch. For regular expression grammar,
+          // please see: en.cppreference.com/w/cpp/regex/ecmascript
+          // For matching against a port specified in the HTTP
+          // request, use a headerMatch with headerName set to Host
+          // and a regular expression that satisfies the RFC2616 Host
+          // header's port specifier.
+          string regex_match = 2 [(google.api.field_behavior) = REQUIRED];
+        }
+
+        // Required. The name of the HTTP header to match. For matching
+        // against the HTTP request's authority, use a headerMatch
+        // with the header name ":authority". For matching a
+        // request's method, use the headerName ":method".
+        string header_name = 1 [(google.api.field_behavior) = REQUIRED];
+      }
+
+      // Required. List of host names to match. Matched against the ":authority" header in
+      // http requests. At least one host should match. Each host can be an
+      // exact match, or a prefix match (example "mydomain.*") or a suffix
+      // match (example "*.myorg.com") or a presence (any) match "*".
+      repeated string hosts = 1 [(google.api.field_behavior) = REQUIRED];
+
+      // Required. List of destination ports to match. At least one port should match.
+      repeated uint32 ports = 2 [(google.api.field_behavior) = REQUIRED];
+
+      // Optional. A list of HTTP methods to match. At least one method should
+      // match. Should not be set for gRPC services.
+      repeated string methods = 4 [(google.api.field_behavior) = OPTIONAL];
+
+      // Optional. Match against key:value pair in http header. Provides a flexible match
+      // based on HTTP headers, for potentially advanced use cases. At least one
+      // header should match. Avoid using header matches to make authorization
+      // decisions unless there is a strong guarantee that requests arrive
+      // through a trusted client or proxy.
+      HttpHeaderMatch http_header_match = 5 [(google.api.field_behavior) = OPTIONAL];
+    }
+
+    // Optional. List of attributes for the traffic source. All of the sources must match.
+    // A source is a match if both principals and ip_blocks match. If not set,
+    // the action specified in the 'action' field will be applied without any
+    // rule checks for the source.
+    repeated Source sources = 1 [(google.api.field_behavior) = OPTIONAL];
+
+    // Optional. List of attributes for the traffic destination. All of the destinations
+    // must match. A destination is a match if a request matches all the
+    // specified hosts, ports, methods and headers. If not set, the
+    // action specified in the 'action' field will be applied without any rule
+    // checks for the destination.
+    repeated Destination destinations = 2 [(google.api.field_behavior) = OPTIONAL];
+  }
+
+  // Possible values that define what action to take.
+  enum Action {
+    // Default value.
+    ACTION_UNSPECIFIED = 0;
+
+    // Grant access.
+    ALLOW = 1;
+
+    // Deny access.
+    // Deny rules should be avoided unless they are used to provide a default
+    // "deny all" fallback.
+    DENY = 2;
+  }
+
+  // Required. Name of the AuthorizationPolicy resource. It matches pattern
+  // `projects/{project}/locations/{location}/authorizationPolicies/<authorization_policy>`.
+  string name = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Optional. Free-text description of the resource.
+  string description = 2 [(google.api.field_behavior) = OPTIONAL];
+
+  // Output only. The timestamp when the resource was created.
+  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The timestamp when the resource was updated.
+  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Optional. Set of label tags associated with the AuthorizationPolicy resource.
+  map<string, string> labels = 5 [(google.api.field_behavior) = OPTIONAL];
+
+  // Required. The action to take when a rule match is found. Possible values
+  // are "ALLOW" or "DENY".
+  Action action = 6 [(google.api.field_behavior) = REQUIRED];
+
+  // Optional. List of rules to match. Note that at least one of the rules must match in
+  // order for the action specified in the 'action' field to be taken. A rule is
+  // a match if there is a matching source and destination. If left blank, the
+  // action specified in the `action` field will be applied on every request.
+  repeated Rule rules = 7 [(google.api.field_behavior) = OPTIONAL];
+}
+
+// Request used with the ListAuthorizationPolicies method.
+message ListAuthorizationPoliciesRequest {
+  // Required. The project and location from which the AuthorizationPolicies
+  // should be listed, specified in the format
+  // `projects/{project}/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "locations.googleapis.com/Location"
+    }
+  ];
+
+  // Maximum number of AuthorizationPolicies to return per call.
+  int32 page_size = 2;
+
+  // The value returned by the last
+  // `ListAuthorizationPoliciesResponse` Indicates that this is a
+  // continuation of a prior `ListAuthorizationPolicies` call, and
+  // that the system should return the next page of data.
+  string page_token = 3;
+}
+
+// Response returned by the ListAuthorizationPolicies method.
+message ListAuthorizationPoliciesResponse {
+  // List of AuthorizationPolicies resources.
+  repeated AuthorizationPolicy authorization_policies = 1;
+
+  // If there might be more results than those appearing in this response, then
+  // `next_page_token` is included. To get the next set of results, call this
+  // method again using the value of `next_page_token` as `page_token`.
+  string next_page_token = 2;
+}
+
+// Request used by the GetAuthorizationPolicy method.
+message GetAuthorizationPolicyRequest {
+  // Required. A name of the AuthorizationPolicy to get. Must be in the format
+  // `projects/{project}/locations/{location}/authorizationPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/AuthorizationPolicy"
+    }
+  ];
+}
+
+// Request used by the CreateAuthorizationPolicy method.
+message CreateAuthorizationPolicyRequest {
+  // Required. The parent resource of the AuthorizationPolicy. Must be in the
+  // format `projects/{project}/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "networksecurity.googleapis.com/AuthorizationPolicy"
+    }
+  ];
+
+  // Required. Short name of the AuthorizationPolicy resource to be created.
+  // This value should be 1-63 characters long, containing only
+  // letters, numbers, hyphens, and underscores, and should not start
+  // with a number. E.g. "authz_policy".
+  string authorization_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. AuthorizationPolicy resource to be created.
+  AuthorizationPolicy authorization_policy = 3 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by the UpdateAuthorizationPolicy method.
+message UpdateAuthorizationPolicyRequest {
+  // Optional. Field mask is used to specify the fields to be overwritten in the
+  // AuthorizationPolicy resource by the update.
+  // The fields specified in the update_mask are relative to the resource, not
+  // the full request. A field will be overwritten if it is in the mask. If the
+  // user does not provide a mask then all fields will be overwritten.
+  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Required. Updated AuthorizationPolicy resource.
+  AuthorizationPolicy authorization_policy = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by the DeleteAuthorizationPolicy method.
+message DeleteAuthorizationPolicyRequest {
+  // Required. A name of the AuthorizationPolicy to delete. Must be in the format
+  // `projects/{project}/locations/{location}/authorizationPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/AuthorizationPolicy"
+    }
+  ];
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/client_tls_policy.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/client_tls_policy.proto
new file mode 100644
index 000000000000..4cba3efac4bf
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/client_tls_policy.proto
@@ -0,0 +1,160 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/cloud/networksecurity/v1/tls.proto";
+import "google/protobuf/field_mask.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_outer_classname = "ClientTlsPolicyProto";
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// ClientTlsPolicy is a resource that specifies how a client should authenticate
+// connections to backends of a service. This resource itself does not affect
+// configuration unless it is attached to a backend service resource.
+message ClientTlsPolicy {
+  option (google.api.resource) = {
+    type: "networksecurity.googleapis.com/ClientTlsPolicy"
+    pattern: "projects/{project}/locations/{location}/clientTlsPolicies/{client_tls_policy}"
+  };
+
+  // Required. Name of the ClientTlsPolicy resource. It matches the pattern
+  // `projects/*/locations/{location}/clientTlsPolicies/{client_tls_policy}`
+  string name = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Optional. Free-text description of the resource.
+  string description = 2 [(google.api.field_behavior) = OPTIONAL];
+
+  // Output only. The timestamp when the resource was created.
+  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The timestamp when the resource was updated.
+  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Optional. Set of label tags associated with the resource.
+  map<string, string> labels = 5 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Server Name Indication string to present to the server during TLS
+  // handshake. E.g: "secure.example.com".
+  string sni = 6 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Defines a mechanism to provision client identity (public and private keys)
+  // for peer to peer authentication. The presence of this dictates mTLS.
+  CertificateProvider client_certificate = 7 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Defines the mechanism to obtain the Certificate Authority certificate to
+  // validate the server certificate. If empty, client does not validate the
+  // server certificate.
+  repeated ValidationCA server_validation_ca = 8 [(google.api.field_behavior) = OPTIONAL];
+}
+
+// Request used by the ListClientTlsPolicies method.
+message ListClientTlsPoliciesRequest {
+  // Required. The project and location from which the ClientTlsPolicies should
+  // be listed, specified in the format `projects/*/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "locations.googleapis.com/Location"
+    }
+  ];
+
+  // Maximum number of ClientTlsPolicies to return per call.
+  int32 page_size = 2;
+
+  // The value returned by the last `ListClientTlsPoliciesResponse`
+  // Indicates that this is a continuation of a prior
+  // `ListClientTlsPolicies` call, and that the system
+  // should return the next page of data.
+  string page_token = 3;
+}
+
+// Response returned by the ListClientTlsPolicies method.
+message ListClientTlsPoliciesResponse {
+  // List of ClientTlsPolicy resources.
+  repeated ClientTlsPolicy client_tls_policies = 1;
+
+  // If there might be more results than those appearing in this response, then
+  // `next_page_token` is included. To get the next set of results, call this
+  // method again using the value of `next_page_token` as `page_token`.
+  string next_page_token = 2;
+}
+
+// Request used by the GetClientTlsPolicy method.
+message GetClientTlsPolicyRequest {
+  // Required. A name of the ClientTlsPolicy to get. Must be in the format
+  // `projects/*/locations/{location}/clientTlsPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/ClientTlsPolicy"
+    }
+  ];
+}
+
+// Request used by the CreateClientTlsPolicy method.
+message CreateClientTlsPolicyRequest {
+  // Required. The parent resource of the ClientTlsPolicy. Must be in
+  // the format `projects/*/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "networksecurity.googleapis.com/ClientTlsPolicy"
+    }
+  ];
+
+  // Required. Short name of the ClientTlsPolicy resource to be created. This value should
+  // be 1-63 characters long, containing only letters, numbers, hyphens, and
+  // underscores, and should not start with a number. E.g. "client_mtls_policy".
+  string client_tls_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. ClientTlsPolicy resource to be created.
+  ClientTlsPolicy client_tls_policy = 3 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by UpdateClientTlsPolicy method.
+message UpdateClientTlsPolicyRequest {
+  // Optional. Field mask is used to specify the fields to be overwritten in the
+  // ClientTlsPolicy resource by the update.  The fields
+  // specified in the update_mask are relative to the resource, not
+  // the full request. A field will be overwritten if it is in the
+  // mask. If the user does not provide a mask then all fields will be
+  // overwritten.
+  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Required. Updated ClientTlsPolicy resource.
+  ClientTlsPolicy client_tls_policy = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by the DeleteClientTlsPolicy method.
+message DeleteClientTlsPolicyRequest {
+  // Required. A name of the ClientTlsPolicy to delete. Must be in
+  // the format `projects/*/locations/{location}/clientTlsPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/ClientTlsPolicy"
+    }
+  ];
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/common.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/common.proto
new file mode 100644
index 000000000000..1ec1905bf365
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/common.proto
@@ -0,0 +1,55 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/field_behavior.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_outer_classname = "CommonProto";
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// Represents the metadata of the long-running operation.
+message OperationMetadata {
+  // Output only. The time the operation was created.
+  google.protobuf.Timestamp create_time = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The time the operation finished running.
+  google.protobuf.Timestamp end_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. Server-defined resource path for the target of the operation.
+  string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. Name of the verb executed by the operation.
+  string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. Human-readable status of the operation, if any.
+  string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. Identifies whether the user has requested cancellation
+  // of the operation. Operations that have successfully been cancelled
+  // have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+  // corresponding to `Code.CANCELLED`.
+  bool requested_cancellation = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. API version used to start the operation.
+  string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/network_security.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/network_security.proto
new file mode 100644
index 000000000000..addce1e17e83
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/network_security.proto
@@ -0,0 +1,201 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/cloud/networksecurity/v1/authorization_policy.proto";
+import "google/cloud/networksecurity/v1/client_tls_policy.proto";
+import "google/cloud/networksecurity/v1/server_tls_policy.proto";
+import "google/longrunning/operations.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// Network Security API provides resources to configure authentication and
+// authorization policies. Refer to per API resource documentation for more
+// information.
+service NetworkSecurity {
+  option (google.api.default_host) = "networksecurity.googleapis.com";
+  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
+
+  // Lists AuthorizationPolicies in a given project and location.
+  rpc ListAuthorizationPolicies(ListAuthorizationPoliciesRequest) returns (ListAuthorizationPoliciesResponse) {
+    option (google.api.http) = {
+      get: "/v1/{parent=projects/*/locations/*}/authorizationPolicies"
+    };
+    option (google.api.method_signature) = "parent";
+  }
+
+  // Gets details of a single AuthorizationPolicy.
+  rpc GetAuthorizationPolicy(GetAuthorizationPolicyRequest) returns (AuthorizationPolicy) {
+    option (google.api.http) = {
+      get: "/v1/{name=projects/*/locations/*/authorizationPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+  }
+
+  // Creates a new AuthorizationPolicy in a given project and location.
+  rpc CreateAuthorizationPolicy(CreateAuthorizationPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      post: "/v1/{parent=projects/*/locations/*}/authorizationPolicies"
+      body: "authorization_policy"
+    };
+    option (google.api.method_signature) = "parent,authorization_policy,authorization_policy_id";
+    option (google.longrunning.operation_info) = {
+      response_type: "AuthorizationPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Updates the parameters of a single AuthorizationPolicy.
+  rpc UpdateAuthorizationPolicy(UpdateAuthorizationPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      patch: "/v1/{authorization_policy.name=projects/*/locations/*/authorizationPolicies/*}"
+      body: "authorization_policy"
+    };
+    option (google.api.method_signature) = "authorization_policy,update_mask";
+    option (google.longrunning.operation_info) = {
+      response_type: "AuthorizationPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Deletes a single AuthorizationPolicy.
+  rpc DeleteAuthorizationPolicy(DeleteAuthorizationPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      delete: "/v1/{name=projects/*/locations/*/authorizationPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+    option (google.longrunning.operation_info) = {
+      response_type: "google.protobuf.Empty"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Lists ServerTlsPolicies in a given project and location.
+  rpc ListServerTlsPolicies(ListServerTlsPoliciesRequest) returns (ListServerTlsPoliciesResponse) {
+    option (google.api.http) = {
+      get: "/v1/{parent=projects/*/locations/*}/serverTlsPolicies"
+    };
+    option (google.api.method_signature) = "parent";
+  }
+
+  // Gets details of a single ServerTlsPolicy.
+  rpc GetServerTlsPolicy(GetServerTlsPolicyRequest) returns (ServerTlsPolicy) {
+    option (google.api.http) = {
+      get: "/v1/{name=projects/*/locations/*/serverTlsPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+  }
+
+  // Creates a new ServerTlsPolicy in a given project and location.
+  rpc CreateServerTlsPolicy(CreateServerTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      post: "/v1/{parent=projects/*/locations/*}/serverTlsPolicies"
+      body: "server_tls_policy"
+    };
+    option (google.api.method_signature) = "parent,server_tls_policy,server_tls_policy_id";
+    option (google.longrunning.operation_info) = {
+      response_type: "ServerTlsPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Updates the parameters of a single ServerTlsPolicy.
+  rpc UpdateServerTlsPolicy(UpdateServerTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      patch: "/v1/{server_tls_policy.name=projects/*/locations/*/serverTlsPolicies/*}"
+      body: "server_tls_policy"
+    };
+    option (google.api.method_signature) = "server_tls_policy,update_mask";
+    option (google.longrunning.operation_info) = {
+      response_type: "ServerTlsPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Deletes a single ServerTlsPolicy.
+  rpc DeleteServerTlsPolicy(DeleteServerTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      delete: "/v1/{name=projects/*/locations/*/serverTlsPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+    option (google.longrunning.operation_info) = {
+      response_type: "google.protobuf.Empty"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Lists ClientTlsPolicies in a given project and location.
+  rpc ListClientTlsPolicies(ListClientTlsPoliciesRequest) returns (ListClientTlsPoliciesResponse) {
+    option (google.api.http) = {
+      get: "/v1/{parent=projects/*/locations/*}/clientTlsPolicies"
+    };
+    option (google.api.method_signature) = "parent";
+  }
+
+  // Gets details of a single ClientTlsPolicy.
+  rpc GetClientTlsPolicy(GetClientTlsPolicyRequest) returns (ClientTlsPolicy) {
+    option (google.api.http) = {
+      get: "/v1/{name=projects/*/locations/*/clientTlsPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+  }
+
+  // Creates a new ClientTlsPolicy in a given project and location.
+  rpc CreateClientTlsPolicy(CreateClientTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      post: "/v1/{parent=projects/*/locations/*}/clientTlsPolicies"
+      body: "client_tls_policy"
+    };
+    option (google.api.method_signature) = "parent,client_tls_policy,client_tls_policy_id";
+    option (google.longrunning.operation_info) = {
+      response_type: "ClientTlsPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Updates the parameters of a single ClientTlsPolicy.
+  rpc UpdateClientTlsPolicy(UpdateClientTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      patch: "/v1/{client_tls_policy.name=projects/*/locations/*/clientTlsPolicies/*}"
+      body: "client_tls_policy"
+    };
+    option (google.api.method_signature) = "client_tls_policy,update_mask";
+    option (google.longrunning.operation_info) = {
+      response_type: "ClientTlsPolicy"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+
+  // Deletes a single ClientTlsPolicy.
+  rpc DeleteClientTlsPolicy(DeleteClientTlsPolicyRequest) returns (google.longrunning.Operation) {
+    option (google.api.http) = {
+      delete: "/v1/{name=projects/*/locations/*/clientTlsPolicies/*}"
+    };
+    option (google.api.method_signature) = "name";
+    option (google.longrunning.operation_info) = {
+      response_type: "google.protobuf.Empty"
+      metadata_type: "google.cloud.networksecurity.v1.OperationMetadata"
+    };
+  }
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/server_tls_policy.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/server_tls_policy.proto
new file mode 100644
index 000000000000..fb549068ac34
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/server_tls_policy.proto
@@ -0,0 +1,181 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/cloud/networksecurity/v1/tls.proto";
+import "google/protobuf/field_mask.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_outer_classname = "ServerTlsPolicyProto";
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// ServerTlsPolicy is a resource that specifies how a server should authenticate
+// incoming requests. This resource itself does not affect configuration unless
+// it is attached to a target https proxy or endpoint config selector resource.
+message ServerTlsPolicy {
+  option (google.api.resource) = {
+    type: "networksecurity.googleapis.com/ServerTlsPolicy"
+    pattern: "projects/{project}/locations/{location}/serverTlsPolicies/{server_tls_policy}"
+  };
+
+  // Specification of the MTLSPolicy.
+  message MTLSPolicy {
+    //
+    // Defines the mechanism to obtain the Certificate Authority certificate to
+    // validate the client certificate.
+    repeated ValidationCA client_validation_ca = 1;
+  }
+
+  // Required. Name of the ServerTlsPolicy resource. It matches the pattern
+  // `projects/*/locations/{location}/serverTlsPolicies/{server_tls_policy}`
+  string name = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Free-text description of the resource.
+  string description = 2;
+
+  // Output only. The timestamp when the resource was created.
+  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The timestamp when the resource was updated.
+  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Set of label tags associated with the resource.
+  map<string, string> labels = 5;
+
+  //
+  // Determines if server allows plaintext connections. If set to true, server
+  // allows plain text connections. By default, it is set to false. This setting
+  // is not exclusive of other encryption modes. For example, if `allow_open`
+  // and `mtls_policy` are set, server allows both plain text and mTLS
+  // connections. See documentation of other encryption modes to confirm
+  // compatibility.
+  //
+  // Consider using it if you wish to upgrade in place your deployment to TLS
+  // while having mixed TLS and non-TLS traffic reaching port :80.
+  bool allow_open = 6;
+
+  //
+  // Defines a mechanism to provision server identity (public and private keys).
+  // Cannot be combined with `allow_open` as a permissive mode that allows both
+  // plain text and TLS is not supported.
+  CertificateProvider server_certificate = 7;
+
+  //
+  // Defines a mechanism to provision peer validation certificates for peer to
+  // peer authentication (Mutual TLS - mTLS). If not specified, client
+  // certificate will not be requested. The connection is treated as TLS and not
+  // mTLS. If `allow_open` and `mtls_policy` are set, server allows both plain
+  // text and mTLS connections.
+  MTLSPolicy mtls_policy = 8;
+}
+
+// Request used by the ListServerTlsPolicies method.
+message ListServerTlsPoliciesRequest {
+  // Required. The project and location from which the ServerTlsPolicies should
+  // be listed, specified in the format `projects/*/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "locations.googleapis.com/Location"
+    }
+  ];
+
+  // Maximum number of ServerTlsPolicies to return per call.
+  int32 page_size = 2;
+
+  // The value returned by the last `ListServerTlsPoliciesResponse`
+  // Indicates that this is a continuation of a prior
+  // `ListServerTlsPolicies` call, and that the system
+  // should return the next page of data.
+  string page_token = 3;
+}
+
+// Response returned by the ListServerTlsPolicies method.
+message ListServerTlsPoliciesResponse {
+  // List of ServerTlsPolicy resources.
+  repeated ServerTlsPolicy server_tls_policies = 1;
+
+  // If there might be more results than those appearing in this response, then
+  // `next_page_token` is included. To get the next set of results, call this
+  // method again using the value of `next_page_token` as `page_token`.
+  string next_page_token = 2;
+}
+
+// Request used by the GetServerTlsPolicy method.
+message GetServerTlsPolicyRequest {
+  // Required. A name of the ServerTlsPolicy to get. Must be in the format
+  // `projects/*/locations/{location}/serverTlsPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/ServerTlsPolicy"
+    }
+  ];
+}
+
+// Request used by the CreateServerTlsPolicy method.
+message CreateServerTlsPolicyRequest {
+  // Required. The parent resource of the ServerTlsPolicy. Must be in
+  // the format `projects/*/locations/{location}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "networksecurity.googleapis.com/ServerTlsPolicy"
+    }
+  ];
+
+  // Required. Short name of the ServerTlsPolicy resource to be created. This value should
+  // be 1-63 characters long, containing only letters, numbers, hyphens, and
+  // underscores, and should not start with a number. E.g. "server_mtls_policy".
+  string server_tls_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. ServerTlsPolicy resource to be created.
+  ServerTlsPolicy server_tls_policy = 3 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by UpdateServerTlsPolicy method.
+message UpdateServerTlsPolicyRequest {
+  // Optional. Field mask is used to specify the fields to be overwritten in the
+  // ServerTlsPolicy resource by the update.  The fields
+  // specified in the update_mask are relative to the resource, not
+  // the full request. A field will be overwritten if it is in the
+  // mask. If the user does not provide a mask then all fields will be
+  // overwritten.
+  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Required. Updated ServerTlsPolicy resource.
+  ServerTlsPolicy server_tls_policy = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request used by the DeleteServerTlsPolicy method.
+message DeleteServerTlsPolicyRequest {
+  // Required. A name of the ServerTlsPolicy to delete. Must be in
+  // the format `projects/*/locations/{location}/serverTlsPolicies/*`.
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "networksecurity.googleapis.com/ServerTlsPolicy"
+    }
+  ];
+}
diff --git a/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/tls.proto b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/tls.proto
new file mode 100644
index 000000000000..2b23d8ef1aff
--- /dev/null
+++ b/java-network-security/proto-google-cloud-network-security-v1/src/main/proto/google/cloud/networksecurity/v1/tls.proto
@@ -0,0 +1,78 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.networksecurity.v1;
+
+import "google/api/field_behavior.proto";
+
+option csharp_namespace = "Google.Cloud.NetworkSecurity.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1;networksecurity";
+option java_multiple_files = true;
+option java_outer_classname = "TlsProto";
+option java_package = "com.google.cloud.networksecurity.v1";
+option php_namespace = "Google\\Cloud\\NetworkSecurity\\V1";
+option ruby_package = "Google::Cloud::NetworkSecurity::V1";
+
+// Specification of the GRPC Endpoint.
+message GrpcEndpoint {
+  // Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
+  // should start with "unix:".
+  string target_uri = 1 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Specification of ValidationCA. Defines the mechanism to obtain the
+// Certificate Authority certificate to validate the peer certificate.
+message ValidationCA {
+  // The type of certificate provider which provides the CA certificate.
+  oneof type {
+    // gRPC specific configuration to access the gRPC server to
+    // obtain the CA certificate.
+    GrpcEndpoint grpc_endpoint = 2;
+
+    // The certificate provider instance specification that will be passed to
+    // the data plane, which will be used to load necessary credential
+    // information.
+    CertificateProviderInstance certificate_provider_instance = 3;
+  }
+}
+
+// Specification of a TLS certificate provider instance. Workloads may have one
+// or more CertificateProvider instances (plugins) and one of them is enabled
+// and configured by specifying this message. Workloads use the values from this
+// message to locate and load the CertificateProvider instance configuration.
+message CertificateProviderInstance {
+  // Required. Plugin instance name, used to locate and load CertificateProvider instance
+  // configuration. Set to "google_cloud_private_spiffe" to use Certificate
+  // Authority Service certificate provider instance.
+  string plugin_instance = 1 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Specification of certificate provider. Defines the mechanism to obtain the
+// certificate and private key for peer to peer authentication.
+message CertificateProvider {
+  // The type of certificate provider which provides the certificates and
+  // private keys.
+  oneof type {
+    // gRPC specific configuration to access the gRPC server to
+    // obtain the cert and private key.
+    GrpcEndpoint grpc_endpoint = 2;
+
+    // The certificate provider instance specification that will be passed to
+    // the data plane, which will be used to load necessary credential
+    // information.
+    CertificateProviderInstance certificate_provider_instance = 3;
+  }
+}
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider.java
new file mode 100644
index 000000000000..75b43ca5d946
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_create_setcredentialsprovider_sync]
+import com.google.api.gax.core.FixedCredentialsProvider;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecuritySettings;
+import com.google.cloud.networksecurity.v1beta1.myCredentials;
+
+public class SyncCreateSetCredentialsProvider {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateSetCredentialsProvider();
+  }
+
+  public static void syncCreateSetCredentialsProvider() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    NetworkSecuritySettings networkSecuritySettings =
+        NetworkSecuritySettings.newBuilder()
+            .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
+            .build();
+    NetworkSecurityClient networkSecurityClient =
+        NetworkSecurityClient.create(networkSecuritySettings);
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_create_setcredentialsprovider_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetEndpoint.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetEndpoint.java
new file mode 100644
index 000000000000..da11cdd6e9e4
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetEndpoint.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_create_setendpoint_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecuritySettings;
+import com.google.cloud.networksecurity.v1beta1.myEndpoint;
+
+public class SyncCreateSetEndpoint {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateSetEndpoint();
+  }
+
+  public static void syncCreateSetEndpoint() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    NetworkSecuritySettings networkSecuritySettings =
+        NetworkSecuritySettings.newBuilder().setEndpoint(myEndpoint).build();
+    NetworkSecurityClient networkSecurityClient =
+        NetworkSecurityClient.create(networkSecuritySettings);
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_create_setendpoint_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
new file mode 100644
index 000000000000..491de0b9e9df
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.longrunning.Operation;
+
+public class AsyncCreateAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateAuthorizationPolicy();
+  }
+
+  public static void asyncCreateAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateAuthorizationPolicyRequest request =
+          CreateAuthorizationPolicyRequest.newBuilder()
+              .setParent(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.createAuthorizationPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
new file mode 100644
index 000000000000..68a87363f716
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+
+public class AsyncCreateAuthorizationPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateAuthorizationPolicyLRO();
+  }
+
+  public static void asyncCreateAuthorizationPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateAuthorizationPolicyRequest request =
+          CreateAuthorizationPolicyRequest.newBuilder()
+              .setParent(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      OperationFuture<AuthorizationPolicy, OperationMetadata> future =
+          networkSecurityClient.createAuthorizationPolicyOperationCallable().futureCall(request);
+      // Do something.
+      AuthorizationPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
new file mode 100644
index 000000000000..d1c6244ff734
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateAuthorizationPolicy();
+  }
+
+  public static void syncCreateAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateAuthorizationPolicyRequest request =
+          CreateAuthorizationPolicyRequest.newBuilder()
+              .setParent(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setAuthorizationPolicyId("authorizationPolicyId1314252166")
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      AuthorizationPolicy response =
+          networkSecurityClient.createAuthorizationPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java
new file mode 100644
index 000000000000..e6bacdff14e1
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_authorizationpolicynameauthorizationpolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString();
+  }
+
+  public static void syncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString()
+      throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      AuthorizationPolicyName parent =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      AuthorizationPolicy response =
+          networkSecurityClient
+              .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_authorizationpolicynameauthorizationpolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
new file mode 100644
index 000000000000..9a6ac78cf677
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_stringauthorizationpolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateAuthorizationPolicyStringAuthorizationpolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateAuthorizationPolicyStringAuthorizationpolicyString();
+  }
+
+  public static void syncCreateAuthorizationPolicyStringAuthorizationpolicyString()
+      throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+              .toString();
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      AuthorizationPolicy response =
+          networkSecurityClient
+              .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_stringauthorizationpolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
new file mode 100644
index 000000000000..a48741df0c15
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.longrunning.Operation;
+
+public class AsyncCreateClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateClientTlsPolicy();
+  }
+
+  public static void asyncCreateClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateClientTlsPolicyRequest request =
+          CreateClientTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.createClientTlsPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
new file mode 100644
index 000000000000..69b8176cf698
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+
+public class AsyncCreateClientTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateClientTlsPolicyLRO();
+  }
+
+  public static void asyncCreateClientTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateClientTlsPolicyRequest request =
+          CreateClientTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      OperationFuture<ClientTlsPolicy, OperationMetadata> future =
+          networkSecurityClient.createClientTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      ClientTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
new file mode 100644
index 000000000000..21e917d1be1a
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateClientTlsPolicy();
+  }
+
+  public static void syncCreateClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateClientTlsPolicyRequest request =
+          CreateClientTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .setClientTlsPolicyId("clientTlsPolicyId-188933315")
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      ClientTlsPolicy response = networkSecurityClient.createClientTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java
new file mode 100644
index 000000000000..eb78ff27231b
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_clienttlspolicynameclienttlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString();
+  }
+
+  public static void syncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString()
+      throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ClientTlsPolicyName parent =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      ClientTlsPolicy response =
+          networkSecurityClient
+              .createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_clienttlspolicynameclienttlspolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
new file mode 100644
index 000000000000..ba6aa2b973f1
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_stringclienttlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncCreateClientTlsPolicyStringClienttlspolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateClientTlsPolicyStringClienttlspolicyString();
+  }
+
+  public static void syncCreateClientTlsPolicyStringClienttlspolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      ClientTlsPolicy response =
+          networkSecurityClient
+              .createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_stringclienttlspolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
new file mode 100644
index 000000000000..501305408e60
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.longrunning.Operation;
+
+public class AsyncCreateServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateServerTlsPolicy();
+  }
+
+  public static void asyncCreateServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateServerTlsPolicyRequest request =
+          CreateServerTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.createServerTlsPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
new file mode 100644
index 000000000000..1c96d17bec0d
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class AsyncCreateServerTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncCreateServerTlsPolicyLRO();
+  }
+
+  public static void asyncCreateServerTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateServerTlsPolicyRequest request =
+          CreateServerTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      OperationFuture<ServerTlsPolicy, OperationMetadata> future =
+          networkSecurityClient.createServerTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      ServerTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
new file mode 100644
index 000000000000..5aada4455f4d
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncCreateServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateServerTlsPolicy();
+  }
+
+  public static void syncCreateServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      CreateServerTlsPolicyRequest request =
+          CreateServerTlsPolicyRequest.newBuilder()
+              .setParent(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      ServerTlsPolicy response = networkSecurityClient.createServerTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java
new file mode 100644
index 000000000000..f84fd060d945
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_servertlspolicynameservertlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateServerTlsPolicyServertlspolicynameServertlspolicyString();
+  }
+
+  public static void syncCreateServerTlsPolicyServertlspolicynameServertlspolicyString()
+      throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ServerTlsPolicyName parent =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      ServerTlsPolicy response =
+          networkSecurityClient
+              .createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_servertlspolicynameservertlspolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
new file mode 100644
index 000000000000..de5873a4d83d
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_stringservertlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncCreateServerTlsPolicyStringServertlspolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateServerTlsPolicyStringServertlspolicyString();
+  }
+
+  public static void syncCreateServerTlsPolicyStringServertlspolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      ServerTlsPolicy response =
+          networkSecurityClient
+              .createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_stringservertlspolicystring_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicy.java
new file mode 100644
index 000000000000..b47623c48c64
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.longrunning.Operation;
+
+public class AsyncDeleteAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteAuthorizationPolicy();
+  }
+
+  public static void asyncDeleteAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteAuthorizationPolicyRequest request =
+          DeleteAuthorizationPolicyRequest.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.deleteAuthorizationPolicyCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicyLRO.java
new file mode 100644
index 000000000000..bf8636fffadd
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/AsyncDeleteAuthorizationPolicyLRO.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.protobuf.Empty;
+
+public class AsyncDeleteAuthorizationPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteAuthorizationPolicyLRO();
+  }
+
+  public static void asyncDeleteAuthorizationPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteAuthorizationPolicyRequest request =
+          DeleteAuthorizationPolicyRequest.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .build();
+      OperationFuture<Empty, OperationMetadata> future =
+          networkSecurityClient.deleteAuthorizationPolicyOperationCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicy.java
new file mode 100644
index 000000000000..de48eb00212f
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteAuthorizationPolicy();
+  }
+
+  public static void syncDeleteAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteAuthorizationPolicyRequest request =
+          DeleteAuthorizationPolicyRequest.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .build();
+      networkSecurityClient.deleteAuthorizationPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyAuthorizationpolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyAuthorizationpolicyname.java
new file mode 100644
index 000000000000..ce5485081514
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyAuthorizationpolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_authorizationpolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteAuthorizationPolicyAuthorizationpolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteAuthorizationPolicyAuthorizationpolicyname();
+  }
+
+  public static void syncDeleteAuthorizationPolicyAuthorizationpolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      networkSecurityClient.deleteAuthorizationPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_authorizationpolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyString.java
new file mode 100644
index 000000000000..78eac36a1971
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteauthorizationpolicy/SyncDeleteAuthorizationPolicyString.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteAuthorizationPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteAuthorizationPolicyString();
+  }
+
+  public static void syncDeleteAuthorizationPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+              .toString();
+      networkSecurityClient.deleteAuthorizationPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteauthorizationpolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicy.java
new file mode 100644
index 000000000000..2e56e6adeb9c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.longrunning.Operation;
+
+public class AsyncDeleteClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteClientTlsPolicy();
+  }
+
+  public static void asyncDeleteClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteClientTlsPolicyRequest request =
+          DeleteClientTlsPolicyRequest.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.deleteClientTlsPolicyCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicyLRO.java
new file mode 100644
index 000000000000..60dbb3b685f9
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/AsyncDeleteClientTlsPolicyLRO.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.protobuf.Empty;
+
+public class AsyncDeleteClientTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteClientTlsPolicyLRO();
+  }
+
+  public static void asyncDeleteClientTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteClientTlsPolicyRequest request =
+          DeleteClientTlsPolicyRequest.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .build();
+      OperationFuture<Empty, OperationMetadata> future =
+          networkSecurityClient.deleteClientTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicy.java
new file mode 100644
index 000000000000..cf07c342231c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteClientTlsPolicy();
+  }
+
+  public static void syncDeleteClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteClientTlsPolicyRequest request =
+          DeleteClientTlsPolicyRequest.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .build();
+      networkSecurityClient.deleteClientTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyClienttlspolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyClienttlspolicyname.java
new file mode 100644
index 000000000000..464507abd37e
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyClienttlspolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_clienttlspolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteClientTlsPolicyClienttlspolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteClientTlsPolicyClienttlspolicyname();
+  }
+
+  public static void syncDeleteClientTlsPolicyClienttlspolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      networkSecurityClient.deleteClientTlsPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_clienttlspolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyString.java
new file mode 100644
index 000000000000..a0d928f5ebbd
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteclienttlspolicy/SyncDeleteClientTlsPolicyString.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteClientTlsPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteClientTlsPolicyString();
+  }
+
+  public static void syncDeleteClientTlsPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+      networkSecurityClient.deleteClientTlsPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteclienttlspolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicy.java
new file mode 100644
index 000000000000..3c60d7934878
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.longrunning.Operation;
+
+public class AsyncDeleteServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteServerTlsPolicy();
+  }
+
+  public static void asyncDeleteServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteServerTlsPolicyRequest request =
+          DeleteServerTlsPolicyRequest.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.deleteServerTlsPolicyCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicyLRO.java
new file mode 100644
index 000000000000..f43f1c79d276
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/AsyncDeleteServerTlsPolicyLRO.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.protobuf.Empty;
+
+public class AsyncDeleteServerTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncDeleteServerTlsPolicyLRO();
+  }
+
+  public static void asyncDeleteServerTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteServerTlsPolicyRequest request =
+          DeleteServerTlsPolicyRequest.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .build();
+      OperationFuture<Empty, OperationMetadata> future =
+          networkSecurityClient.deleteServerTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicy.java
new file mode 100644
index 000000000000..7a2cd5cb8c56
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteServerTlsPolicy();
+  }
+
+  public static void syncDeleteServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      DeleteServerTlsPolicyRequest request =
+          DeleteServerTlsPolicyRequest.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .build();
+      networkSecurityClient.deleteServerTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyServertlspolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyServertlspolicyname.java
new file mode 100644
index 000000000000..9bfe8efd56fd
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyServertlspolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_servertlspolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteServerTlsPolicyServertlspolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteServerTlsPolicyServertlspolicyname();
+  }
+
+  public static void syncDeleteServerTlsPolicyServertlspolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      networkSecurityClient.deleteServerTlsPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_servertlspolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyString.java
new file mode 100644
index 000000000000..59605ae3d9db
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/deleteservertlspolicy/SyncDeleteServerTlsPolicyString.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+import com.google.protobuf.Empty;
+
+public class SyncDeleteServerTlsPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncDeleteServerTlsPolicyString();
+  }
+
+  public static void syncDeleteServerTlsPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+      networkSecurityClient.deleteServerTlsPolicyAsync(name).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_deleteservertlspolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/AsyncGetAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/AsyncGetAuthorizationPolicy.java
new file mode 100644
index 000000000000..05d54a62201c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/AsyncGetAuthorizationPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncGetAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncGetAuthorizationPolicy();
+  }
+
+  public static void asyncGetAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetAuthorizationPolicyRequest request =
+          GetAuthorizationPolicyRequest.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<AuthorizationPolicy> future =
+          networkSecurityClient.getAuthorizationPolicyCallable().futureCall(request);
+      // Do something.
+      AuthorizationPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
new file mode 100644
index 000000000000..9785908b7dec
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetAuthorizationPolicy();
+  }
+
+  public static void syncGetAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetAuthorizationPolicyRequest request =
+          GetAuthorizationPolicyRequest.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .build();
+      AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyAuthorizationpolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyAuthorizationpolicyname.java
new file mode 100644
index 000000000000..a147e19093a4
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyAuthorizationpolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_authorizationpolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetAuthorizationPolicyAuthorizationpolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncGetAuthorizationPolicyAuthorizationpolicyname();
+  }
+
+  public static void syncGetAuthorizationPolicyAuthorizationpolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_authorizationpolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyString.java
new file mode 100644
index 000000000000..b8099aeef1f4
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getauthorizationpolicy/SyncGetAuthorizationPolicyString.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetAuthorizationPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncGetAuthorizationPolicyString();
+  }
+
+  public static void syncGetAuthorizationPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+              .toString();
+      AuthorizationPolicy response = networkSecurityClient.getAuthorizationPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getauthorizationpolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/AsyncGetClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/AsyncGetClientTlsPolicy.java
new file mode 100644
index 000000000000..0a46f2ec9572
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/AsyncGetClientTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncGetClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncGetClientTlsPolicy();
+  }
+
+  public static void asyncGetClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetClientTlsPolicyRequest request =
+          GetClientTlsPolicyRequest.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<ClientTlsPolicy> future =
+          networkSecurityClient.getClientTlsPolicyCallable().futureCall(request);
+      // Do something.
+      ClientTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicy.java
new file mode 100644
index 000000000000..97f1f1374791
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetClientTlsPolicy();
+  }
+
+  public static void syncGetClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetClientTlsPolicyRequest request =
+          GetClientTlsPolicyRequest.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .build();
+      ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyClienttlspolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyClienttlspolicyname.java
new file mode 100644
index 000000000000..e79b00f17a37
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyClienttlspolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_clienttlspolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetClientTlsPolicyClienttlspolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncGetClientTlsPolicyClienttlspolicyname();
+  }
+
+  public static void syncGetClientTlsPolicyClienttlspolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_clienttlspolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyString.java
new file mode 100644
index 000000000000..07db8ba6ac29
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getclienttlspolicy/SyncGetClientTlsPolicyString.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetClientTlsPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncGetClientTlsPolicyString();
+  }
+
+  public static void syncGetClientTlsPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+      ClientTlsPolicy response = networkSecurityClient.getClientTlsPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getclienttlspolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/AsyncGetServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/AsyncGetServerTlsPolicy.java
new file mode 100644
index 000000000000..dbf52e3dd214
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/AsyncGetServerTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class AsyncGetServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncGetServerTlsPolicy();
+  }
+
+  public static void asyncGetServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetServerTlsPolicyRequest request =
+          GetServerTlsPolicyRequest.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .build();
+      ApiFuture<ServerTlsPolicy> future =
+          networkSecurityClient.getServerTlsPolicyCallable().futureCall(request);
+      // Do something.
+      ServerTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicy.java
new file mode 100644
index 000000000000..dfef44c66cff
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncGetServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetServerTlsPolicy();
+  }
+
+  public static void syncGetServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetServerTlsPolicyRequest request =
+          GetServerTlsPolicyRequest.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .build();
+      ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyServertlspolicyname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyServertlspolicyname.java
new file mode 100644
index 000000000000..e6e725abaf22
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyServertlspolicyname.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_servertlspolicyname_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncGetServerTlsPolicyServertlspolicyname {
+
+  public static void main(String[] args) throws Exception {
+    syncGetServerTlsPolicyServertlspolicyname();
+  }
+
+  public static void syncGetServerTlsPolicyServertlspolicyname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_servertlspolicyname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyString.java
new file mode 100644
index 000000000000..1c202e80ae28
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getservertlspolicy/SyncGetServerTlsPolicyString.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_string_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
+
+public class SyncGetServerTlsPolicyString {
+
+  public static void main(String[] args) throws Exception {
+    syncGetServerTlsPolicyString();
+  }
+
+  public static void syncGetServerTlsPolicyString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+      ServerTlsPolicy response = networkSecurityClient.getServerTlsPolicy(name);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getservertlspolicy_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPolicies.java
new file mode 100644
index 000000000000..34af8e34ef99
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPolicies.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncListAuthorizationPolicies {
+
+  public static void main(String[] args) throws Exception {
+    asyncListAuthorizationPolicies();
+  }
+
+  public static void asyncListAuthorizationPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListAuthorizationPoliciesRequest request =
+          ListAuthorizationPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      ApiFuture<AuthorizationPolicy> future =
+          networkSecurityClient.listAuthorizationPoliciesPagedCallable().futureCall(request);
+      // Do something.
+      for (AuthorizationPolicy element : future.get().iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPoliciesPaged.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPoliciesPaged.java
new file mode 100644
index 000000000000..e78eef58fec2
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/AsyncListAuthorizationPoliciesPaged.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_paged_async]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.common.base.Strings;
+
+public class AsyncListAuthorizationPoliciesPaged {
+
+  public static void main(String[] args) throws Exception {
+    asyncListAuthorizationPoliciesPaged();
+  }
+
+  public static void asyncListAuthorizationPoliciesPaged() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListAuthorizationPoliciesRequest request =
+          ListAuthorizationPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      while (true) {
+        ListAuthorizationPoliciesResponse response =
+            networkSecurityClient.listAuthorizationPoliciesCallable().call(request);
+        for (AuthorizationPolicy element : response.getAuthorizationPoliciesList()) {
+          // doThingsWith(element);
+        }
+        String nextPageToken = response.getNextPageToken();
+        if (!Strings.isNullOrEmpty(nextPageToken)) {
+          request = request.toBuilder().setPageToken(nextPageToken).build();
+        } else {
+          break;
+        }
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_paged_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPolicies.java
new file mode 100644
index 000000000000..8db22dd72656
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPolicies.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListAuthorizationPolicies {
+
+  public static void main(String[] args) throws Exception {
+    syncListAuthorizationPolicies();
+  }
+
+  public static void syncListAuthorizationPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListAuthorizationPoliciesRequest request =
+          ListAuthorizationPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      for (AuthorizationPolicy element :
+          networkSecurityClient.listAuthorizationPolicies(request).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesLocationname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesLocationname.java
new file mode 100644
index 000000000000..2495e8f3b8ab
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesLocationname.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_locationname_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListAuthorizationPoliciesLocationname {
+
+  public static void main(String[] args) throws Exception {
+    syncListAuthorizationPoliciesLocationname();
+  }
+
+  public static void syncListAuthorizationPoliciesLocationname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      for (AuthorizationPolicy element :
+          networkSecurityClient.listAuthorizationPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_locationname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesString.java
new file mode 100644
index 000000000000..74a5b357403a
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listauthorizationpolicies/SyncListAuthorizationPoliciesString.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_string_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListAuthorizationPoliciesString {
+
+  public static void main(String[] args) throws Exception {
+    syncListAuthorizationPoliciesString();
+  }
+
+  public static void syncListAuthorizationPoliciesString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+      for (AuthorizationPolicy element :
+          networkSecurityClient.listAuthorizationPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listauthorizationpolicies_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPolicies.java
new file mode 100644
index 000000000000..013db8b69993
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPolicies.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncListClientTlsPolicies {
+
+  public static void main(String[] args) throws Exception {
+    asyncListClientTlsPolicies();
+  }
+
+  public static void asyncListClientTlsPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListClientTlsPoliciesRequest request =
+          ListClientTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      ApiFuture<ClientTlsPolicy> future =
+          networkSecurityClient.listClientTlsPoliciesPagedCallable().futureCall(request);
+      // Do something.
+      for (ClientTlsPolicy element : future.get().iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPoliciesPaged.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPoliciesPaged.java
new file mode 100644
index 000000000000..48065743b015
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/AsyncListClientTlsPoliciesPaged.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_paged_async]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.common.base.Strings;
+
+public class AsyncListClientTlsPoliciesPaged {
+
+  public static void main(String[] args) throws Exception {
+    asyncListClientTlsPoliciesPaged();
+  }
+
+  public static void asyncListClientTlsPoliciesPaged() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListClientTlsPoliciesRequest request =
+          ListClientTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      while (true) {
+        ListClientTlsPoliciesResponse response =
+            networkSecurityClient.listClientTlsPoliciesCallable().call(request);
+        for (ClientTlsPolicy element : response.getClientTlsPoliciesList()) {
+          // doThingsWith(element);
+        }
+        String nextPageToken = response.getNextPageToken();
+        if (!Strings.isNullOrEmpty(nextPageToken)) {
+          request = request.toBuilder().setPageToken(nextPageToken).build();
+        } else {
+          break;
+        }
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_paged_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPolicies.java
new file mode 100644
index 000000000000..8ddbb2abc4d3
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPolicies.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListClientTlsPolicies {
+
+  public static void main(String[] args) throws Exception {
+    syncListClientTlsPolicies();
+  }
+
+  public static void syncListClientTlsPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListClientTlsPoliciesRequest request =
+          ListClientTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      for (ClientTlsPolicy element :
+          networkSecurityClient.listClientTlsPolicies(request).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesLocationname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesLocationname.java
new file mode 100644
index 000000000000..76847084bb6a
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesLocationname.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_locationname_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListClientTlsPoliciesLocationname {
+
+  public static void main(String[] args) throws Exception {
+    syncListClientTlsPoliciesLocationname();
+  }
+
+  public static void syncListClientTlsPoliciesLocationname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      for (ClientTlsPolicy element :
+          networkSecurityClient.listClientTlsPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_locationname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesString.java
new file mode 100644
index 000000000000..910709661476
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listclienttlspolicies/SyncListClientTlsPoliciesString.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_string_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListClientTlsPoliciesString {
+
+  public static void main(String[] args) throws Exception {
+    syncListClientTlsPoliciesString();
+  }
+
+  public static void syncListClientTlsPoliciesString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+      for (ClientTlsPolicy element :
+          networkSecurityClient.listClientTlsPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listclienttlspolicies_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPolicies.java
new file mode 100644
index 000000000000..2952222a4f21
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPolicies.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+
+public class AsyncListServerTlsPolicies {
+
+  public static void main(String[] args) throws Exception {
+    asyncListServerTlsPolicies();
+  }
+
+  public static void asyncListServerTlsPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListServerTlsPoliciesRequest request =
+          ListServerTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      ApiFuture<ServerTlsPolicy> future =
+          networkSecurityClient.listServerTlsPoliciesPagedCallable().futureCall(request);
+      // Do something.
+      for (ServerTlsPolicy element : future.get().iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPoliciesPaged.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPoliciesPaged.java
new file mode 100644
index 000000000000..0d40acda1732
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/AsyncListServerTlsPoliciesPaged.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_paged_async]
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.common.base.Strings;
+
+public class AsyncListServerTlsPoliciesPaged {
+
+  public static void main(String[] args) throws Exception {
+    asyncListServerTlsPoliciesPaged();
+  }
+
+  public static void asyncListServerTlsPoliciesPaged() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListServerTlsPoliciesRequest request =
+          ListServerTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      while (true) {
+        ListServerTlsPoliciesResponse response =
+            networkSecurityClient.listServerTlsPoliciesCallable().call(request);
+        for (ServerTlsPolicy element : response.getServerTlsPoliciesList()) {
+          // doThingsWith(element);
+        }
+        String nextPageToken = response.getNextPageToken();
+        if (!Strings.isNullOrEmpty(nextPageToken)) {
+          request = request.toBuilder().setPageToken(nextPageToken).build();
+        } else {
+          break;
+        }
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_paged_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPolicies.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPolicies.java
new file mode 100644
index 000000000000..3909b300e56e
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPolicies.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_sync]
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+
+public class SyncListServerTlsPolicies {
+
+  public static void main(String[] args) throws Exception {
+    syncListServerTlsPolicies();
+  }
+
+  public static void syncListServerTlsPolicies() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListServerTlsPoliciesRequest request =
+          ListServerTlsPoliciesRequest.newBuilder()
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      for (ServerTlsPolicy element :
+          networkSecurityClient.listServerTlsPolicies(request).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesLocationname.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesLocationname.java
new file mode 100644
index 000000000000..efe82605f91c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesLocationname.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_locationname_sync]
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+
+public class SyncListServerTlsPoliciesLocationname {
+
+  public static void main(String[] args) throws Exception {
+    syncListServerTlsPoliciesLocationname();
+  }
+
+  public static void syncListServerTlsPoliciesLocationname() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      for (ServerTlsPolicy element :
+          networkSecurityClient.listServerTlsPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_locationname_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesString.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesString.java
new file mode 100644
index 000000000000..220f14cf0d0e
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listservertlspolicies/SyncListServerTlsPoliciesString.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_string_sync]
+import com.google.cloud.networksecurity.v1beta1.LocationName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+
+public class SyncListServerTlsPoliciesString {
+
+  public static void main(String[] args) throws Exception {
+    syncListServerTlsPoliciesString();
+  }
+
+  public static void syncListServerTlsPoliciesString() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
+      for (ServerTlsPolicy element :
+          networkSecurityClient.listServerTlsPolicies(parent).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listservertlspolicies_string_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicy.java
new file mode 100644
index 000000000000..7d2875d91f9f
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.UpdateAuthorizationPolicyRequest;
+import com.google.longrunning.Operation;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateAuthorizationPolicy();
+  }
+
+  public static void asyncUpdateAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateAuthorizationPolicyRequest request =
+          UpdateAuthorizationPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.updateAuthorizationPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicyLRO.java
new file mode 100644
index 000000000000..6a6b3f7b582c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/AsyncUpdateAuthorizationPolicyLRO.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.UpdateAuthorizationPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateAuthorizationPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateAuthorizationPolicyLRO();
+  }
+
+  public static void asyncUpdateAuthorizationPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateAuthorizationPolicyRequest request =
+          UpdateAuthorizationPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      OperationFuture<AuthorizationPolicy, OperationMetadata> future =
+          networkSecurityClient.updateAuthorizationPolicyOperationCallable().futureCall(request);
+      // Do something.
+      AuthorizationPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicy.java
new file mode 100644
index 000000000000..9b7f0137339c
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicy.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.UpdateAuthorizationPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateAuthorizationPolicy();
+  }
+
+  public static void syncUpdateAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateAuthorizationPolicyRequest request =
+          UpdateAuthorizationPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
+              .build();
+      AuthorizationPolicy response =
+          networkSecurityClient.updateAuthorizationPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask.java
new file mode 100644
index 000000000000..6e5bc1b5192d
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateauthorizationpolicy/SyncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_authorizationpolicyfieldmask_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask();
+  }
+
+  public static void syncUpdateAuthorizationPolicyAuthorizationpolicyFieldmask() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      AuthorizationPolicy response =
+          networkSecurityClient
+              .updateAuthorizationPolicyAsync(authorizationPolicy, updateMask)
+              .get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateauthorizationpolicy_authorizationpolicyfieldmask_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicy.java
new file mode 100644
index 000000000000..ee36efb53ea8
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
+import com.google.longrunning.Operation;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateClientTlsPolicy();
+  }
+
+  public static void asyncUpdateClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateClientTlsPolicyRequest request =
+          UpdateClientTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.updateClientTlsPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicyLRO.java
new file mode 100644
index 000000000000..e12cf5c630d3
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/AsyncUpdateClientTlsPolicyLRO.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateClientTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateClientTlsPolicyLRO();
+  }
+
+  public static void asyncUpdateClientTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateClientTlsPolicyRequest request =
+          UpdateClientTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      OperationFuture<ClientTlsPolicy, OperationMetadata> future =
+          networkSecurityClient.updateClientTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      ClientTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicy.java
new file mode 100644
index 000000000000..e690b7cf67b8
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicy.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateClientTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateClientTlsPolicy();
+  }
+
+  public static void syncUpdateClientTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateClientTlsPolicyRequest request =
+          UpdateClientTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
+              .build();
+      ClientTlsPolicy response = networkSecurityClient.updateClientTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicyClienttlspolicyFieldmask.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicyClienttlspolicyFieldmask.java
new file mode 100644
index 000000000000..f8d0f0b93773
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateclienttlspolicy/SyncUpdateClientTlsPolicyClienttlspolicyFieldmask.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_clienttlspolicyfieldmask_sync]
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateClientTlsPolicyClienttlspolicyFieldmask {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateClientTlsPolicyClienttlspolicyFieldmask();
+  }
+
+  public static void syncUpdateClientTlsPolicyClienttlspolicyFieldmask() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      ClientTlsPolicy response =
+          networkSecurityClient.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateclienttlspolicy_clienttlspolicyfieldmask_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicy.java
new file mode 100644
index 000000000000..462fc65a5156
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicy.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
+import com.google.longrunning.Operation;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateServerTlsPolicy();
+  }
+
+  public static void asyncUpdateServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateServerTlsPolicyRequest request =
+          UpdateServerTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      ApiFuture<Operation> future =
+          networkSecurityClient.updateServerTlsPolicyCallable().futureCall(request);
+      // Do something.
+      Operation response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicyLRO.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicyLRO.java
new file mode 100644
index 000000000000..f84eed6ada81
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/AsyncUpdateServerTlsPolicyLRO.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_lro_async]
+import com.google.api.gax.longrunning.OperationFuture;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class AsyncUpdateServerTlsPolicyLRO {
+
+  public static void main(String[] args) throws Exception {
+    asyncUpdateServerTlsPolicyLRO();
+  }
+
+  public static void asyncUpdateServerTlsPolicyLRO() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateServerTlsPolicyRequest request =
+          UpdateServerTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      OperationFuture<ServerTlsPolicy, OperationMetadata> future =
+          networkSecurityClient.updateServerTlsPolicyOperationCallable().futureCall(request);
+      // Do something.
+      ServerTlsPolicy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_lro_async]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicy.java
new file mode 100644
index 000000000000..b1c1eea6f725
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicy.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateServerTlsPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateServerTlsPolicy();
+  }
+
+  public static void syncUpdateServerTlsPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      UpdateServerTlsPolicyRequest request =
+          UpdateServerTlsPolicyRequest.newBuilder()
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
+              .build();
+      ServerTlsPolicy response = networkSecurityClient.updateServerTlsPolicyAsync(request).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicyServertlspolicyFieldmask.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicyServertlspolicyFieldmask.java
new file mode 100644
index 000000000000..1b9c99fcd2da
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/updateservertlspolicy/SyncUpdateServerTlsPolicyServertlspolicyFieldmask.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_servertlspolicyfieldmask_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.protobuf.FieldMask;
+
+public class SyncUpdateServerTlsPolicyServertlspolicyFieldmask {
+
+  public static void main(String[] args) throws Exception {
+    syncUpdateServerTlsPolicyServertlspolicyFieldmask();
+  }
+
+  public static void syncUpdateServerTlsPolicyServertlspolicyFieldmask() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      ServerTlsPolicy response =
+          networkSecurityClient.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_updateservertlspolicy_servertlspolicyfieldmask_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecuritysettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecuritysettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
new file mode 100644
index 000000000000..70d790a8a2dc
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecuritysettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecuritysettings_getauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecuritySettings;
+import java.time.Duration;
+
+public class SyncGetAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetAuthorizationPolicy();
+  }
+
+  public static void syncGetAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    NetworkSecuritySettings.Builder networkSecuritySettingsBuilder =
+        NetworkSecuritySettings.newBuilder();
+    networkSecuritySettingsBuilder
+        .getAuthorizationPolicySettings()
+        .setRetrySettings(
+            networkSecuritySettingsBuilder
+                .getAuthorizationPolicySettings()
+                .getRetrySettings()
+                .toBuilder()
+                .setTotalTimeout(Duration.ofSeconds(30))
+                .build());
+    NetworkSecuritySettings networkSecuritySettings = networkSecuritySettingsBuilder.build();
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecuritysettings_getauthorizationpolicy_sync]
diff --git a/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/stub/networksecuritystubsettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/stub/networksecuritystubsettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
new file mode 100644
index 000000000000..587bda1982f9
--- /dev/null
+++ b/java-network-security/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/stub/networksecuritystubsettings/getauthorizationpolicy/SyncGetAuthorizationPolicy.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.stub.samples;
+
+// [START networksecurity_v1beta1_generated_networksecuritystubsettings_getauthorizationpolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.stub.NetworkSecurityStubSettings;
+import java.time.Duration;
+
+public class SyncGetAuthorizationPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetAuthorizationPolicy();
+  }
+
+  public static void syncGetAuthorizationPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    NetworkSecurityStubSettings.Builder networkSecuritySettingsBuilder =
+        NetworkSecurityStubSettings.newBuilder();
+    networkSecuritySettingsBuilder
+        .getAuthorizationPolicySettings()
+        .setRetrySettings(
+            networkSecuritySettingsBuilder
+                .getAuthorizationPolicySettings()
+                .getRetrySettings()
+                .toBuilder()
+                .setTotalTimeout(Duration.ofSeconds(30))
+                .build());
+    NetworkSecurityStubSettings networkSecuritySettings = networkSecuritySettingsBuilder.build();
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecuritystubsettings_getauthorizationpolicy_sync]
diff --git a/java-network-security/versions.txt b/java-network-security/versions.txt
index 7ab40f886ed6..7ec8539b440f 100644
--- a/java-network-security/versions.txt
+++ b/java-network-security/versions.txt
@@ -4,3 +4,5 @@
 google-cloud-network-security:0.5.1:0.5.2-SNAPSHOT
 grpc-google-cloud-network-security-v1beta1:0.5.1:0.5.2-SNAPSHOT
 proto-google-cloud-network-security-v1beta1:0.5.1:0.5.2-SNAPSHOT
+proto-google-cloud-network-security-v1:0.5.1:0.5.2-SNAPSHOT
+grpc-google-cloud-network-security-v1:0.5.1:0.5.2-SNAPSHOT